I am having a hard time understanding this code below: <?php include_once 'common.php'; include_once 'db.php'; session_start(); $uid = isset($_POST['uid']) ? $_POST['uid'] : $_SESSION['uid']; $pwd = isset($_POST['pwd']) ? $_POST['pwd'] : $_SESSION['pwd']; if(!isset($uid)) { ?> <!DOCTYPE html PUBLIC "-//W3C/DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title> Please Log In for Access </title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> </head> <body> <h1> Login Required </h1> <p>You must log in to access this area of the site. If you are not a registered user, <a href="signup.php">click here</a> to sign up for instant access!</p> <p><form method="post" action="<?=$_SERVER['PHP_SELF']?>"> User ID: <input type="text" name="uid" size="8" /><br /> Password: <input type="password" name="pwd" SIZE="8" /><br /> <input type="submit" value="Log in" /> </form></p> </body> </html> <?php exit; } $_SESSION['uid'] = $uid; $_SESSION['pwd'] = $pwd; dbConnect("sessions"); $sql = "SELECT * FROM user WHERE userid = '$uid' AND password = PASSWORD('$pwd')"; $result = mysql_query($sql); if (!$result) { error('A database error occurred while checking your '. 'login details.\\nIf this error persists, please '. 'contact you@example.com.'); } if (mysql_num_rows($result) == 0) { unset($_SESSION['uid']); unset($_SESSION['pwd']); ?> <!DOCTYPE html PUBLIC "-//W3C/DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title> Access Denied </title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> </head> <body> <h1> Access Denied </h1> <p>Your user ID or password is incorrect, or you are not a registered user on this site. To try logging in again, click <a href="<?=$_SERVER['PHP_SELF']?>">here</a>. To register for instant access, click <a href="signup.php">here</a>.</p> </body> </html> <?php exit; } $username = mysql_result($result,0,'fullname'); ?> PHP: Questions: 1. Why is it that this code is using include_one not include? What's the difference? 2. if(condition){ ?> html code here <?php } php code here ?> PHP: Why is it that the html code is sandwiched between ?> and <?php . Will this always be run or something? Can anyone clarify it? 3. What is that capital PASSWORD? Is it a php built-in function? 4. What does mysql_query return? Is it a boolean? 5. What is the required parameters for mysql_result? Thanks.
-> I think the programmer of this code used include_once to make sure that the file would not included multiple times. The difference between them is that include_once is slower compared to include. -> That's one of the features of PHP, since PHP can be embedded in HTML. You can also used like this if(condition){ echo <<<EOL html code here EOL; } php code here ?> PHP: -> the capital PASSWORD is not a php built-in function but a built-in function for mysql. -> PHP data type "resource" -> resource (mysql_query returned or similar) and integer $row I would suggest to look at the php manual. http://www.php.net/manual/en/index.php Thanks, art