The user name and password are passed to the PHP script called login.php. The script uses the $_POST global variable to get the values filled against the user name and password fields. A connection is then established with the database 'session' and the corresponding user's ID and password are retrieved. If the user name is foUnd, the password stored in the database is matched against the password supplied by the user. If they do not match, the login attempt is rejected. Otherwise, the login succeeds. The following is what the login.php file looks like:

Name: Logging in PHP script.jpg Views: 123 Size: 36.1 KB

In case the user name and password are correct, the session_start() function is called, which, in turn, sends a session cookie containing the session ID of the user to the client machine. After this, calling $_SESSION('username'j or $_SESSION['id'j is permitted to store and retrieve session data. In the present case, the user name and user ID are stored in the $ _SESSION array.

The session ID created by the session_start function is stored in a cookie on the client machine. You can inspect the cookie by accessing Edit-->Prejerences from the Firefox menu, selecting the 'Privacy' tab, followed by clicking the 'Show Cookies' button. This displays the cookies sorted by the name of the server. In the present case, the server resides at 127.0.0,,1 andlhe cookie is called 'PHPSESSID'--you can notice this value displayed against 'Content' field on the information area. The welcome screen displayed on login is shown.