ainoy31 Posted June 4, 2007 Share Posted June 4, 2007 I have an adim login panel for username and password to be entered. The info entered is validated against a database. I want each of my php files to have an authenication so people can not access each page without entering an username and password. Hope this makes sense. I have been thinking about using sessions. Any sample codes or suggestions would be appreciated. thx. AM Link to comment https://forums.phpfreaks.com/topic/54129-page-authenication/ Share on other sites More sharing options...
chrisuk Posted June 4, 2007 Share Posted June 4, 2007 first you need to create the session when the user is authenticated: //if authenticated: $_SESSION['loggedin'] = "yes"; $_SESSION['id'] = $username; $sess_id = session_id(); session_write_close(); //anything else you want to do then at the top of every page, you could simply have: session_start(); if ( @$_SESSION['loggedin'] != "yes" ) { header ("Location: login.php"); exit(); } note: NOTHING should go before session_start(); Hope this helps Link to comment https://forums.phpfreaks.com/topic/54129-page-authenication/#findComment-267606 Share on other sites More sharing options...
emehrkay Posted June 4, 2007 Share Posted June 4, 2007 the easiest way to do this is with two files login.php //this will contain a form whose action is itself and when submitted checks the db against user pass info. when authenticated, set a sesson var like $_SESSION['uid'] = whatever user id you return from the db access.php //very simple file and you include this file on all of the pages that you want to control access to. check for $_SESSION['uid'] if its set allow the user to view the page. if it isnt set, set it equal to -99 and do a header redirect to login.php thats how i would handle it Link to comment https://forums.phpfreaks.com/topic/54129-page-authenication/#findComment-267611 Share on other sites More sharing options...
ainoy31 Posted June 4, 2007 Author Share Posted June 4, 2007 <?php include("ConnectDB.php"); ?> <? $name = $_POST['username']; $password = md5($_POST['pswd']); //search to see if the username entered matches up with the username in the database $query = "SELECT Username, Password FROM Login WHERE Username = '$name' AND Password = '$password'"; $result = mysql_query($query) or die(mysql_error()); $num = mysql_numrows($result); if($num) { header("Location: AdminPanel.php"); } else { print("<b><h3>Username or password entered is incorrect. Redirecting back to log-in page.</h3></b>"); header("Refresh: 5; url = Admin.php"); } ?> </form> This is where I am validating against the DB. I am not using an form on this page. Just checking and if it is OK, then go to the next page. thx. AM Link to comment https://forums.phpfreaks.com/topic/54129-page-authenication/#findComment-267700 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.