The previous post was about PHP Session There explained about session its purpose and syntax in detail. Let’s see one good example of the session.
User login system
1. connection.php
This page is used to establish a database connection from the application.
1 2 3 | <!--?php $con = new mysqli("localhost","root","","session"); ?--> |
2. index.php
This page retrieves the user detail from the database
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | <!--?php include "header.php"; include "connection.php"; if($_POST[em]) { $sql = "select * from `user` where `email`='$_POST[em]' and `password`='$_POST[pw]'"; $res = $con--->query($sql); $num = $res->num_rows; if($num!=0) { $row = $res->fetch_array(); $_SESSION[userid] = $row[id]; $_SESSION[chk] = true; header("location:profile.php"); //redirect one PHP file to another PHP file } else { echo "Login Fail"; } } ?>; |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | <center> <p> </p> <form action="" method="post"> <table border="1"> <tbody> <tr> <td>Email-</td> <td><input name="em" type="text"></td> </tr> <tr> <td>Password</td> <td><input name="pw" type="password"></td> </tr> <tr> <td colspan="2" align="center"><input type="submit" value="Login"></td> </tr> </tbody> </table> </form> <p>New User</p> <p> </p> </center> |
3.
1 2 3 4 5 6 7 8 9 | <!--?php include "connection.php"; if($_POST[em]) { $sql = "INSERT INTO `user`(`id`, `name`, `address`, `phone`, `email`, `password`) VALUES ('','$_POST[nm]','$_POST[add]','$_POST[ph]','$_POST[em]','$_POST[pw]')"; $con--->query($sql); header("location:index.php"); } ?> |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 | <center> <p> </p> <form action="" method="post"> <table border="1"> <tbody> <tr> <td>Name-</td> <td><input name="nm" type="text"></td> </tr> <tr> <td>Address-</td> <td><textarea cols="" name="add" rows=""></textarea></td> </tr> <tr> <td>Phone-</td> <td><input name="ph" type="number"></td> </tr> <tr> <td>Email-</td> <td><input name="em" type="text"></td> </tr> <tr> <td>Password</td> <td><input name="pw" type="password"></td> </tr> <tr> <td colspan="2" align="center"><input type="submit" value="signin"></td> </tr> </tbody> </table> </form> <p>Already Register</p> <p> </p> </center> |
4. checking.php
Check whether the user is in session or not
1 2 3 4 5 6 7 | <!--?php session_start(); if($_SESSION[chk]!=true) { header("location:index.php"); } ?--> |
5. profile.php
This page displays the user information on the page
To select this select * from user query is used and we passed session userid that is extracted from $_SESSION[]
1 2 3 4 5 6 7 8 9 | <!--?php include "header.php"; include "connection.php"; include "checking.php"; $sql = "select * from `user` where `id`='$_SESSION[userid]'"; $res = $con--->query($sql); $row = $res->fetch_array(); echo " |
$row[name] | $row[address] | $row[phone] | $row[email] |
1 2 3 4 5 6 | "; echo " <a href="change.php">Change Password</a>"; ?> |
6. header.php
This page starts the session and shows a link login or logout based on user session was created or not
1 2 3 | <!--?php session_start(); ?--> |
1 2 3 4 5 | <center><!--?php if($_SESSION[chk] != true){ echo '<a href="index.php"-->Login'; } else{ echo 'Logout'; } ?> Profile</center> |
7.logout.php
This page is used to destroy the session
1 2 3 4 5 | <!--?php session_start(); session_destroy(); header("location:index.php"); ?--> |
8. change.php
This page is used to change the user’s password
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 | <!--?php session_start(); include "connection.php"; if($_POST[np]) { $sql = "select * from `user` where `password`='$_POST[op]' and `id`='$_SESSION[userid]'"; $res = $con--->query($sql); $num = $res->num_rows; if($num!=0) { if($_POST[np]==$_POST[cp]) { $sql1 = "update `user` set `password` = '$_POST[np]' where `id`='$_SESSION[userid]'"; $con->query($sql1); header("location:logout.php"); } else { echo "Password Does not Matched"; } } else { echo "Current Password Wrong"; } } ?> |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 | <center> <p> </p> <form action="" method="post"> <table border="1"> <tbody> <tr> <td>Current Password-</td> <td><input name="op" type="password"></td> </tr> <tr> <td>New Password-</td> <td><input name="np" type="password"></td> </tr> <tr> <td>Confirm Password-</td> <td><input name="cp" type="password"></td> </tr> <tr> <td colspan="2" align="center"><input type="submit" value="Login"></td> </tr> </tbody> </table> </form> <p>Profile</p> <p> </p> </center> |