Jump to content

simple login based authentication/prevent access to unauthorized users


beemer832

Recommended Posts

I am just starting to learn PHP and work on a personal project. My goal is to offer a Login page for a business owner to log into their website and then add/remove content in a certain section as needed (classified information, part information, used equipment, etc.)

 

I have a login script working successfully, but am trying to get pointed down the correct path where to start looking at the authenticated sessions and cookies to restrict unauthorized access.

 

The page now loads to index.php which then redirects to parts.php once the user has been authenticated. I need to make sure that any user cannot browse to parts.php and gain access.

 

Thanks

-Josh

Link to comment
Share on other sites

The easiset - and I believe most popular way is to simply use $_SESSION.

 

When they login I set $_SESSION['loggedin'] = "true";

 

I also set admin level through that so $_SESSION['admin'] = #; (# = some integer)

 

Then on the pages you want to make sure they are logged in on, do an if to see if the session values are the ones you need.

 

Also note you need session_start(); at the top of all pages using sessions.

Link to comment
Share on other sites

Josh, after the user is logged in, a session variable is created to store a value stating the user is logged in. So, if the user were to go to another page, you must check if the user is logged in by checking the value of the session variable. Otherwise, how would you know if the user is logged in or not? Does this make sense?

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.