Validates Username and Passowrd with PHP

Hi Guys, Here I m Writing the code, How to Validates user name and password with the database…

If the username and Password matches with the database values we need to assign a session to that user..

for that here we are giving a simple session to a user.



$server = “localhost”; //In case if u have some other write it here
$username = “Your Server Login Username”;
$password = “Your Server Login Password”;
$db_name = “Your Database Name”;

$db = mysql_connect($server, $username, $password) or die(“Connection to database failed, perhaps the service is down !!”);
mysql_select_db($db_name) or die(“Database name not available !!”);

Those Query Will Connect You with your Database…. Now I m Writing the Query..

$login = mysql_query(“select * from table_name where (username = ‘” . $_POST[‘username’] . “‘) and (password = ‘” . md5($_POST[‘password’]) . “‘)”,$db);

Tip: here my table contains only Two Field user name and password, if ur table contains more that two fields you can also use *. There is no such issue of using (*) Specifically. (*) will select all the values from the database, where as I can also write

$login = mysql_query(“SELECT username, password FROM table_name WHERE (username = ‘” . $_POST[‘username’] . “‘) and (password = ‘” . md5($_POST[‘password’]) . “‘)”,$db);

Note: Here first username you are watching is the name of the column in your database and the value $_POST[‘username’] is the value which we are getting from the form in the previous page. Similarly for password also.

Note2: md5($_POST[‘password’]) is the Password which is stored in the database in the form encrypted value, so that no one can see what the password is!!

$rowcount = mysql_num_rows($login);
if ($rowcount == 1) {
$_SESSION[‘username’] = $_POST[‘username’];
header(“Location: welcomehome.php”);
header(“Location: login.php”);

Note: here we are giving username and password to a variable called $rowcount.

Next if the user name and password matches with the database we are assigning user a session. and If user name and password doesn’t matches with the database we are redirecting the user back to the login page, else we will redirect the user to its home page.