DzSoundNirvana:

<?
/***************************
login.class.php
***************************/
class user{
//To track the switch/errors through out
var $login_error;

//constructor
function user($UserInput){
if($_SERVER['REQUEST_METHOD'] == "POST")
{
$this->validate_user($UserInput);
}
else
{
$this->login_form();
}
}//End function

//Just a simple login form
function login_form(){
echo "<div align=\"center\"><form name=\"LoginForm\" action=\"$_SERVER[PHP_SELF]\" method=\"POST\"><table><tr><td><tr><td>User Name:</td><td><input type=\"text\" name=\"FLU\"></td><td>Password:</td><td><input type=\"password\" name=\"FLP\"></td></tr><tr><td colspan=\"2\"><input type=\"submit\" value=\"Submit\"> <input type=\"reset\" value=\"Reset\"></td></tr></table></div>";

}//End Function

function validate_user($UserInput){

//my chosen user name and password pattern
$this->user_name_pattern = ("^[a-zA-Z0-9]{5,15}$");
$this->password_pattern = ("^[a-zA-Z0-9\!\@\#\$\%\^\&\*\`\~\_]{5,15}$");
//JavaScript History -1
$this->go_back = "<a href=javascript:history.go(-1)><font color=red size=-2>(Go Back)</font></a>";
//Change the redirect location to whare you want to go http://yoursite.com/members/
$this->success_login_redirect = "http://dzsoundnirvana.com/";

switch($UserInput){
case ($UserInput['FLU'] == "" || !ereg($this->user_name_pattern,$UserInput['FLU'])):
$this->login_form();
echo "<div align=\"center\"><font color=\"red\">Invalid user name. Try again or $this->go_back!</font></div>";
$this->login_error == false;
break;

case ($UserInput['FLP'] == "" || !ereg($this->password_pattern,$UserInput['FLP'])):
$this->login_form();
echo "<div align=\"center\"><font color=\"red\">Invalid password. Try again or $this->go_back!</font></div>";
$this->login_error == false;
break;
}
if($this->login_error === false){
//Or you can redirect to a "Forgot password/user name" page or leave it alone. This will kill the script. No output after though!
exit;
}
else{
//Now we go to the Database and validate the user
$this->db();
$this->query_string = "SELECT * FROM users WHERE user_name=’$UserInput[FLU]‘ && password=’" . md5($UserInput['password']) . "’";
$this->query = mysql_query($this->query_string);
//Error check the query
if(!$this->query){
echo "System error! Contact the system administrator!<br>or<br>$this->go_back";
//use this for debugging (below), Delete the // at the beginning
//echo mysql_error();
}
else{
//Need to check if more than 1 user exists if so….throw HACKING error (not supported here)..another class
$this->num_rows = mysql_num_rows($this->query);
if($this->num_rows > 1){
echo "Hacking warning";
exit;
}
else{
//Get the user information and set into the $_SESSION and then redirect to the directed page
$this->user_information = mysql_fetch_assoc($this->query);
//Put all user data into $_SESSION
foreach($this->user_information as $key => $value){
$_SESSION[$key] = $value;
//Now we redirect to the page specified
echo "<script type=\"text/javascript\">window.location=\"$this->success_login_redirect\"</script>";
echo "If you are not redirected <a href=\"this->success_login_redirect\" target=\"_parent\">Click here to continue</a>";
}
}

}//else

}//if($this->login_error === false)/else{

}//End function

function db(){
//Put your database host, database user name, and database password
$this->db_link = mysql_connect("data_base_host","data_base_user","data_base_password");
//Select the DB
//Put your database name
$this->db_select = mysql_select_db("data_base_name");

}

}//End Class
?>