自己写的一个小小的php登陆模块

今天写了一个小功能——PHP登陆 出来使用，才刚学PHP不久，有错误的地方请大虾们指正指正：

left.php           登陆页面

userlogin.php  验证功能

login.php         注销功能

config.auth.php 数据库连接功能

就四个页面，left.php通过post提交信息给userlog.php处理，userlog.php调用config.auth.php连接数据库进行数据处理，然后把结果返回left.php，logout.php就只是注销session功能。没有加入cookie，还暂时不需要保存cookie！代码如下：

left.php

>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<title>登陆系统title>
head>
<body>
php
session_start();
if ($_SESSION[username]) {
?>
<form id="form3" name="form3" method="post" action="">
<table width="150" border="1">
    <tr>
      <td width="64">当前用户td>
      <td width="70">php echo $_SESSION[username];?>td>
    tr>
    <tr>
      <td colspan="2"><div align="center"><a href="logout.php">注销a>div>td>
    tr>
  table>
form>
php
}else {
?>
<form id="form1" name="form1" method="post" action="userlogin.php">
  <table width="150" border="1">
    <tr>
      <td width="64">用户td>
      <td width="70"><label>
        <input name="username" type="text" id="textfield" size="10" />
      label>td>
    tr>
    <tr>
      <td>密码td>
      <td><label>
        <input name="password" type="password" id="textfield2" size="10" />
      label>td>
    tr>
    <tr>
      <td colspan="2">
        <div align="center">
          <input type="submit" name="submit" id="button" value="提交" />
          <input type="reset" name="reset" id="button2" value="重置" />
          div>td>
    tr>
  table>
form>
php
}
?>
body>
html>

config.php

$dbhost="localhost";
$dbuser="root";
$dbpassword="123456";
$dbname="auth";
$conn=mysql_connect("$dbhost","$dbuser","$dbpassword") or die('不能连接服务器'.mysql_error());
mysql_select_db("$dbname",$conn) or die("数据库访问错误".mysql_errno());
mysql_query("set names gb2312");
?>

userlogin.php

"-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
"http://www.w3.org/1999/xhtml">

"Content-Type" content="text/html; charset=gb2312" />
登陆系统



session_start();
require("config.auth.php");
if ($_POST[submit]) {
    $sql="select * from userinfo where username = '$_POST[username]' and password = '$_POST[password]'";
    $result=mysql_query($sql);
    $numrows=mysql_num_rows($result);
    if ($numrows == 1) {
        $row=mysql_fetch_assoc($result);
        $_SESSION[username]=$row[username];
        //echo $_SESSION[username];
        echo "alert('登陆成功！');window.location.href='left.php';";
    }else {
        echo "alert('登陆失败！');window.location.href='index.html';";
    }
}else {
    echo "alert('请通过正确途径登陆！');window.location.href='index.html';";
}
mysql_free_result($result);
mysql_close($conn);
?>

logout.php

"-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
"http://www.w3.org/1999/xhtml">

"Content-Type" content="text/html; charset=gb2312" />
登陆系统



    session_start();
    unset($_SESSION[username]);
    session_destroy();
    echo "alert('注销成功！');window.location.href='index.html';";
?>