User authentication

[cranks]

Hello.

I have created my login, and my main page for a game i am making.

How do i do it so only logged in users can access certain pages, otherwise it redirects them back to the login.

I am so confused and have been trying for hours :/

Please excuse the sloppy coding, i'm still learning XD

Index.php : (login)

 

<html>
<body bgcolor="666633">
<link rel="stylesheet" type="text/css" href="style.css">
<div id="topnav">
<strong><center><font color= "white">BATTLE-SCAPE</font></strong></center>
</div>
<div id="gamenav">
<h1>Login</h1>
<?php
if (!isset($_POST['submit'])){
?>
<!-- The HTML login form -->
<form action="<?=$_SERVER['PHP_SELF']?>" method="post">
	Username: <input type="text" name="username" /><br />
	Password: <input type="password" name="password" /><br />

	<input type="submit" name="submit" value="Login" />
</form>
<?php
} else {
require_once("config.php");
$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
# check connection
if ($mysqli->connect_errno) {
	echo "<p>MySQL error no {$mysqli->connect_errno} : {$mysqli->connect_error}</p>";
	exit();
}

$username = $_POST['username'];
$password = $_POST['password'];
$sql = "SELECT * from users WHERE username LIKE '{$username}' AND password LIKE '{$password}' LIMIT 1";
$result = $mysqli->query($sql);
if (!$result->num_rows == 1) {
	echo "<p>Invalid username/password combination</p>";
} else {
	header('Location: main.php');
}
}
?>		
<footer>
 <p>Copyright(c) Connor Smith 2014-2015</p>
</footer>
</center>
</html>

 

Main.php

 

<?php
session_start();
if(!isset($_SESSION['username'])){
  header("Location:index.php");
}
?>
<html>
<body style="background-image:url(/grid/img_bin/background.png); background-size:100%"/>
<link rel="stylesheet" type="text/css" href="style.css">
<title>Battle-Scape : Logged in as Connor</title>
<div id="bodyoutline">
<div id="topnav">
<center>Battle-Scape</center>
</div>
<div id="wilderness">
Wilderness pictures goes here...
</div>
<div id="layout">
<div id="gamenav">
<center>
<strong><a href="character.php" style="text-decoration: none">|Character|</a><strong>
<strong><a href="fighting.php" style="text-decoration: none">|Fighting|</a><strong>
<strong><a href="community.php" style="text-decoration: none">|Community|</a><strong>
<strong><a href="settings.php" style="text-decoration: none">|Settings|</a><strong>
<strong><a href="index.php" style="text-decoration: none">|Logout|</a><strong>
</center>
</div>
<br />
<div id="body">
<strong>Updates! :</strong>
<br />
Finish the template : <font color ="red">20%</font>
<br />
Link the other pages : <font color ="red">0%</font>
<br />
Make working login/register : <font color ="red">0%</font>
</br >
<br />
-Connor
</div>
<div id="playernavbar2">
<div id="chatbox">
<div id="chatboxname">
<center><strong>ChatBox</center></strong>
</div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<center><input type="text" size="14px"> <input type="submit" value=">"></center>
</div>
 </div>
 <div id="playernavbar">
 <div id="username">
<center><strong>Connor</center></strong>
</div>
<div id="char">
<div id="charlevel">
<center><font color= "F0F0F0">100</font></center>
</div>
</div>
<div id="charinfo">
Health :
<br />
EXP :
<br />
Energy: 0
<br />
Badges: 0
<br />
Gold: 0
</div>
  <div id="gamestats">
  <center><strong>Game Stats</center></strong>
Players online : 0
<br />
</div>
<div id="links">
<center><strong>Game Links</center></strong>
o Home
<br />
o Messages
<br />
o Attack
<br />
o Clan
<br />
</body>
</html>

Edited November 28, 2014 by cranks

[SRB]

Use code tags or post on pastebin and just put a link here

[cranks]

Use code tags or post on pastebin and just put a link here

Sorry about that, fixed.

[KyleMassacre]

What you can do is include some sort of globals file that checks for the users session and if it exists then let them proceed, if not then redirect them.

[cranks]

Thank you, i have managed to fix the problem now! :)