PHP: keeping the username in field

How do i do if i want to keep the username in the field if the users entere开发者_开发技巧d incorrect password, so the person doesnt need to retype the username? Should i use sessions for this?

Just pass the value to the field:

<input name="uid" value="<?php echo (isset($_POST['uid'])) ? $_POST['uid'] : ''?>" />

Never forget to sanitize user input first! (not like in my example but it should give you the right idea).

But be careful with error messages. Don't say that the password is wrong. Say that the password or username is wrong. You don't want to let anyone know that a certain username is register in your system (at least not by trying to login).

Make sure $_POST['username'] data is not harmful first.

<input name="username" type="text" value="<?php echo $_POST['username'] ?>" />

try this one

use the session variable

  $_SESSION['username'] = $_POST['username'];


<input type="text" name="username" value="<?php echo $_SESSION['username']; ?>" />

Just print it:

<input name="username" type="text" value="<?php echo htmlspecialchars($_POST['username']) ?>">

Yes if you are not posting to the same page but to a php handeling script you would need to use a session variable like $_SESSION['sticky']['username'] = $_POST['username'], then on the page that you return to

<input type="text" value="<?php if isset($_SESSION['sticky']['username']) echo $_SESSION['sticky']['username'] ?>" name="username" />