Haemp Posted April 17, 2008 Share Posted April 17, 2008 Hi guys. I am relativley new to PHP and mySQL and my question is reggarding the modeling of the login application. So this is what I am thinking: 1. User sends away a form with username and password to the server. 2. The forms action script - process.php, sends a querry to the database. 3. The querry checks the database for the username and password. 4. If the given username and password corresponds to that in the database, the script redirects the browser to the users "private section". Thats the general idea. Does this look "ok", or is there any major wrongs? I just want to know if I've got the idea right, what with the infrastucture and all. Thanks in advance. //Haemp Quote Link to comment Share on other sites More sharing options...
Wuhtzu Posted April 17, 2008 Share Posted April 17, 2008 Yes, it looks okay to me. Just remember what you will probably be doing in 4. is set a session $_SESSION['is_logged_in'] = true; Quote Link to comment Share on other sites More sharing options...
dptr1988 Posted April 19, 2008 Share Posted April 19, 2008 Also remember that all scripts in the 'private section' need to check if the user is logged in each time they run. Example: <?php if (!isset($_SESSION['is_logged_in']) OR !$_SESSION['is_logged_in']) { // Complain or redirect to login page } ?> Quote Link to comment Share on other sites More sharing options...
Haemp Posted April 19, 2008 Author Share Posted April 19, 2008 Great then. Thanks for your tips guys, much appreciated. Quote Link to comment Share on other sites More sharing options...
allistera Posted April 21, 2008 Share Posted April 21, 2008 A good example of a log-in script: http://woork.blogspot.com/2008/03/php-components-login.html Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.