I'd recommend, as did Alma Do Mundo, to read about sessions. Here's how you would accomplish what you wanted:
login.php:
<!DOCTYPE html>
<html>
<head><title>Login</title></head>
<body>
<form id='loginform' action='checklogin.php' method='post'>
<div>Username: <input type='text' id='username' name='username' /></div>
<div>Password: <input type='password' id='password' name='password' /></div>
<div><input type='submit' id='submit' value='Login'></div>
</form>
</body>
</html>
Have the login page send the data to an intermediate page such as checklogin.php. Here's the code for that:
<?php
session_start();
// check if the username and password are correct
// in real world scenario, this would be more complex as data
// is cleaned and then checked against the database where username
// and encrypted password (and salt) are stored in a *secured* manner
if ($_POST['username'] === 'hello' && $_POST['password'] === 'world')
{
$_SESSION['username'] = $_POST['username'];
header('location:welcome.php');
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Login issue</title>
</head>
<body>
<div class='badassredcolor'>Invalid username or password. Please <a href='login.php'>login again</a>.</div>
</body>
</html>
checklogin.php will see if the username and password are right. If they are right, remember their username and send the person to welcome.php. Otherwise ask them to login again. Of course, the process should be much more graceful than this but this is just an example.
Then, your welcome page will show them a welcome message like so:
<?php
session_start();
?>
<!DOCTYPE html>
<html>
<head>
<title>Welcome to the awesome website</title>
</head>
<body>
<h1>Welcome <?php echo $_SESSION['username']; ?></h1>
</body>
</html>
Hope this helps.
Alright, let's say we want to use a single page to do show form and check login/password, use the example below. It is a quick draft that you can modify. In real world, you would do it a lot different but this example is fine for learning:
<?php
session_start();
// let's hold a variable to check if the user POST'ed the form
// or if we got to this page without POST'ing to itself
$isPosted = false;
// let's first check if user POST'ed anything
if (isset($_POST['username']) && isset($_POST['password']))
{
// okay, we got something. Let's flag the variable
$isPosted = true;
// Let's check if the username and password are good. If good, let's set up
// a session variable appropriately
if ($_POST['username'] === 'hello' && $_POST['password'] === 'world')
{
$_SESSION['username'] = $_POST['username'];
}
}
else
{
// seems like the form was not posted with any interesting data
// or it is a fresh page-load. Let's ensure that no session variables
// are alive
if(isset($_SESSION['username']))
{
session_unset();
}
}
?>
<!DOCTYPE html>
<html>
<head><title>Login</title></head>
<body>
<?php
// if the form was posted and session was set, show welcome message
if (
$isPosted === true &&
(isset($_SESSION['username']))
)
{
?>
<div class='greetings'>Welcome, <?php echo htmlentities($_SESSION['username']); ?></div>
<div>more cool things here</div>
<?php
}
// oh, either the page was freshly loaded or session was not set. Cool, show form first
else
{
?>
<form id='loginform' action='newlogin.php' method='post'>
<div>Username: <input type='text' id='username' name='username' /></div>
<div>Password: <input type='password' id='password' name='password' /></div>
<div><input type='submit' id='submit' value='Login'></div>
</form>
<?php
// if the form was posted and we know that session is not set,
// let's show an error
if ($isPosted)
{
?>
<div class='badassREDcolor'>Invalid username or password</div>
<?php
}
}
?>
</body>
</html>