PHP Ajax Login Validation Tutorial

Create  design for table name contact.

CREATE TABLE IF NOT EXISTS `username` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `username` varchar(50) NOT NULL
  `password` varchar(50) NOT NULL,
   PRIMARY KEY (`id`)
)
 Contains database connectivity code

$hostname = "Host name";
$user = "UserName";
$password = "Password";
$database = "Database Name";

$con = mysql_connect($hostname, $user,
       $password or die("Could not connect database");
//Create a new connection
mysql_select_db($database, $con) or
                 die("Could not select database");

Contains login form and ajax code

<script type="text/javascript">
    function validLogin(){
       var uname=$('#username').val();
       var password=$('#password').val();
       var dataString = 'username='+ username + '&password='+ password;
       $("#flash").show();
       $("#flash").fadeIn(400).html('<img src="image/loading.gif" />');
       $.ajax({
             type: "POST",
             url: "processed.php",
             data: dataString,
             cache: false,
             success: function(result){
             var result=trim(result);
             $("#flash").hide();
             if(result=='correct'){
                  window.location='index.php';
             }else{
                  $("#errorMessage").html(result);
             }
        }
  });
}

function trim(str){
var str=str.replace(/^\s+|\s+$/,'');
return str;
}
</script>

processed.php
Contains login logic  and validation code.
<?php
session_start();
include_once('inc/dbConnect.inc.php');
$message=array();
if(isset($_POST['username']) && !empty($_POST['username'])){
     $username=mysql_real_escape_string($_POST['username']);
}else{ 
     $message[]='Please enter username';
}

if(isset($_POST['password']) && !empty($_POST['password'])){
     $password=mysql_real_escape_string($_POST['password']);
}else{
     $message[]='Please enter password';
}

$countError=count($message);
if($countError > 0){
     for($i=0;$i<$countError;$i++){
         echo ucwords($message[$i]).'<br/><br/>';
     }
}else{
     $query="select * from user where username='$username' and
             password='$password'";
     $res=mysql_query($query);
     $checkUser=mysql_num_rows($res);
     if($checkUser > 0){
         $_SESSION['LOGIN_STATUS']=true;
         $_SESSION['UNAME']=$username;
         echo 'correct';
    }else{
         echo ucwords('please enter correct user details');
    }
}
?>

index.php

<?php
 session_start();

 if(!isset($_SESSION['LOGIN_STATUS'])){
      header('location:login.php');
 }
?>



logout.php
Contains session destroy code.
<?php session_start(); session_destroy(); header('location:login.php'); ?>
 





No comments:

Post a Comment

Subscribe to: Post Comments (Atom)