ainoy31 Posted June 4, 2007 Share Posted June 4, 2007 I have an adim login panel for username and password to be entered. The info entered is validated against a database. I want each of my php files to have an authenication so people can not access each page without entering an username and password. Hope this makes sense. I have been thinking about using sessions. Any sample codes or suggestions would be appreciated. thx. AM Quote Link to comment https://forums.phpfreaks.com/topic/54129-page-authenication/ Share on other sites More sharing options...
chrisuk Posted June 4, 2007 Share Posted June 4, 2007 first you need to create the session when the user is authenticated: //if authenticated: $_SESSION['loggedin'] = "yes"; $_SESSION['id'] = $username; $sess_id = session_id(); session_write_close(); //anything else you want to do then at the top of every page, you could simply have: session_start(); if ( @$_SESSION['loggedin'] != "yes" ) { header ("Location: login.php"); exit(); } note: NOTHING should go before session_start(); Hope this helps Quote Link to comment https://forums.phpfreaks.com/topic/54129-page-authenication/#findComment-267606 Share on other sites More sharing options...
emehrkay Posted June 4, 2007 Share Posted June 4, 2007 the easiest way to do this is with two files login.php //this will contain a form whose action is itself and when submitted checks the db against user pass info. when authenticated, set a sesson var like $_SESSION['uid'] = whatever user id you return from the db access.php //very simple file and you include this file on all of the pages that you want to control access to. check for $_SESSION['uid'] if its set allow the user to view the page. if it isnt set, set it equal to -99 and do a header redirect to login.php thats how i would handle it Quote Link to comment https://forums.phpfreaks.com/topic/54129-page-authenication/#findComment-267611 Share on other sites More sharing options...
ainoy31 Posted June 4, 2007 Author Share Posted June 4, 2007 <?php include("ConnectDB.php"); ?> <? $name = $_POST['username']; $password = md5($_POST['pswd']); //search to see if the username entered matches up with the username in the database $query = "SELECT Username, Password FROM Login WHERE Username = '$name' AND Password = '$password'"; $result = mysql_query($query) or die(mysql_error()); $num = mysql_numrows($result); if($num) { header("Location: AdminPanel.php"); } else { print("<b><h3>Username or password entered is incorrect. Redirecting back to log-in page.</h3></b>"); header("Refresh: 5; url = Admin.php"); } ?> </form> This is where I am validating against the DB. I am not using an form on this page. Just checking and if it is OK, then go to the next page. thx. AM Quote Link to comment https://forums.phpfreaks.com/topic/54129-page-authenication/#findComment-267700 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.