How should I know how your login and register page look like, and which PHP codes you are using?
<?php
if(isset($_SESSION['login'])
{
echo "Welcome ".$row['username']." to the site";
}
else
{
echo "Welcome guest. Please login or register";
}
?><?
session_start();
include_once"config.php";
if(isset($_POST['login'])){
$username= trim($_POST['username']);
$password = trim($_POST['password']);
if($username == NULL OR $password == NULL){
$final_report.="Please complete all the fields below..";
}else{
$check_user_data = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'") or die(mysql_error());
if(mysql_num_rows($check_user_data) == 0){
$final_report.="This username does not exist..";
}else{
$get_user_data = mysql_fetch_array($check_user_data);
if($get_user_data['password'] == $password){
$start_idsess = $_SESSION['username'] = "".$get_user_data['username']."";
$start_passsess = $_SESSION['password'] = "".$get_user_data['password']."";
$final_report.="You are about to be logged in, please wait a few moments.. <meta http-equiv='Refresh' content='2; URL=members.php'/>";
}}}}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Login</title>
</head>
<body><form action="" method="post">
<table width="312" align="center">
<? echo "<tr><td colspan='2'>".$final_report."</td></tr><tr>";?>
<tr>
<td width="120">Username:</td>
<td width="180"><input type="text" name="username" size="30" maxlength="25"></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="password" size="30" maxlength="25"></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="login" value="Login" /></td>
</tr>
</table>
</form>
</body>
</html><?
include_once"config.php";
if(isset($_POST['register'])){
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
$memip = $_SERVER['REMOTE_ADDR'];
$date = date("d-m-Y");
if($username == NULL OR $password == NULL OR $email == NULL){
$final_report.= "Please complete the form below..";
}else{
if(strlen($username) <= 3 || strlen($username) >= 30){
$final_report.="Your username must be between 3 and 30 characters..";
}else{
$check_members = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'");
if(mysql_num_rows($check_members) != 0){
$final_report.="The username is already in use!";
}else{
if(strlen($password) <= 6 || strlen($password) >= 12){
$final_report.="Your password must be between 6 and 12 digits and characters..";
}else{
if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)){
$final_report.="Your email address was not valid..";
}else{
$create_member = mysql_query("INSERT INTO `members` (`id`,`username`, `password`, `email`, `ip`, `date`)
VALUES('','$username','$password','$email','$memip','$date')");
$final_report.="Thank you for registering, you may login.";
}}}}}}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>untitled</title>
</head>
<body><form method="post">
<table width="384" border="1" align="center">
<? echo '<tr><td colspan="2">'.$final_report.'</td></tr>';?>
<tr>
<td width="50%">Username:</td>
<td width="50%"><label>
<input name="username" type="text" id="username" size="30" />
</label></td>
</tr>
<tr>
<td>Password:</td>
<td><input name="password" type="password" id="password" value="" size="30" /></td>
</tr>
<tr>
<td>Email:</td>
<td><input name="email" type="text" id="email" size="30" /></td>
</tr>
<tr>
<td> </td>
<td><label>
<input name="register" type="submit" id="register" value="Register" />
</label></td>
</tr>
</table>
</form>
</body>
</html>
