php login page - Printable Version
-Shoutbox (https://shoutbox.menthix.net)
+-- Forum: MsgHelp Archive (/forumdisplay.php?fid=58)
+--- Forum: Skype & Technology (/forumdisplay.php?fid=9)
+---- Forum: Tech Talk (/forumdisplay.php?fid=17)
+----- Thread: php login page (/showthread.php?tid=62930)
php login page by stoshrocket on 07-09-2006 at 09:17 PM
i'm creating an admin area for my site and basically im stuck on the login area...
i know how to create the password check (checking the password entered against the correct password), but i don't know how to code say, 'if the password is right, goto this page, if not, echo w/e'... any ideas?
RE: php login page by matty on 07-09-2006 at 09:19 PM
http://pscode.com/...&lngWId=8&B1=Quick+Search
RE: php login page by Ezra on 07-09-2006 at 09:27 PM
I once made myselve this class to manage my login pages
[code]<?
class database_connection{
var $query_id;
var $link;
function connect($location, $username, $password, $database){
$this->link = mysql_connect($location, $username, $password) or die ("Could not Connect: ".mysql_error());
mysql_select_db($database) or die ('Could not select database: '.mysql_error());
Return true;
}
function query($query){
$this->query_id = mysql_query($query) or die ('Query failed: '.mysql_error());
Return true;
}
function output(){
$array = mysql_fetch_array($this->query_id, MYSQL_ASSOC);
Return $array;
}
function closelink(){
if(!empty($this->query_id)){
if(is_resource($this->query_id)){
mysql_free_result($this->query_id);
}
}
mysql_close($this->link);
}
}
class loginmanager{
function verify(){
if(empty($_SESSION['ingelogd']) || $_SESSION['ingelogd'] != true){
$this->makeloginscreen();
}
}
function verify_ERR401(){
if(empty($_SESSION['ingelogd']) || $_SESSION['ingelogd'] != true){
header('HTTP/1.0 401 Unauthorized');
die("HTTP/1.0 401 Unauthorized");
}
}
function makeloginscreen(){
$con = new database_connection();
$con->connect("location", "user", "password", "database");
if(isset($_POST['login']) && $_POST['login'] == "yes"){
if(isset($_POST['username']) && $_POST['username'] != ""){
$con->query("SELECT * FROM `login` WHERE `username` = '".$_POST['username']."'");
$num = count($con->query_id);
if($num <= 1){
if($num >= 1){
if(isset($_POST['password']) && $_POST['password'] != ""){
$USER = $con->output();
if(md5($_POST['password']) == $USER['password']){ //Succesvol ingelogd
$_SESSION['ingelogd'] = true;
$_SESSION['userid'] = $USER['id'];
$_SESSION['username'] = $USER['username'];
header("Location: index.php");
}else{ //Onsuccesvol ingelogd
$_SESSION['ingelogd'] = false;
header("Location: index.php");
}
}
}else{
$_SESSION['ingelogd'] = false;
header("Location: index.php");
}
}else{
die("ERROR, contact the webmaster with your login username about this");
}
}
$con->closelink();
}elseif(isset($_SESSION['ingelogd']) && $_SESSION['ingelogd'] == true){
header("Location: index.php");
}else{
echo "<form action=\"#\" method=\"post\">\n";
echo "\t<table>\n";
echo "\t\t<tr>\n\t\t\t<td>Username:</td>\n\t\t\t<td><input type=\"text\" name=\"username\"></input></td>\n\t\t</tr>\n";
echo "\t\t<tr>\n\t\t\t<td>Password:</td>\n\t\t\t<td><input type=\"password\" name=\"password\"></input></td>\n\t\t</tr>\n";
echo "\t\t<input type=\"hidden\" name=\"login\" value=\"yes\">\n";
echo "\t\t<tr>\n\t\t\t<td colspan=\"2\" align=\"right\"><input type=\"submit\" name=\"submit\" value=\"submit\"></td>\n\t\t</tr>\n";
echo "\t</table>\n</form>";
}
die();
}
}
?>[/code]
It also uses a database class I made to make easy database connections.
You can modify or just read the code and learn
BTW: To use, just include the page these classes are in and call the function verify() to see if the user is logged in, if he/she is she will she the page that is made under the verify() call else he/she will see the login form, and with verify_401(), they will see a black page with a 401 Unauthorized header sent to the browser.
EDIT: Reindented the code
RE: php login page by absorbation on 07-09-2006 at 09:49 PM
Ok, just to note, use a mysql database to check your login details, it is a must and is secure. If you want you can have 'My secret panel of secretness' which you know about .
RE: php login page by RaceProUK on 07-10-2006 at 10:44 AM
Also, don't store the passwords in raw text. Use encryption like RSA, or a hash like MD5 or SHA-1.
RE: php login page by stoshrocket on 07-10-2006 at 11:07 AM
quote: Originally posted by absorbation
Ok, just to note, use a mysql database to check your login details, it is a must and is secure. If you want you can have 'My secret panel of secretness' which you know about .
rofl, yays!! but a few hours too late.. me and ajd (ok, mainly ajd) fixed the problem using just php... (still, if you'd be kind enough to let me have it for learning and eventually upgrading purposes )
quote: Originally posted by RaceProUK
Also, don't store the passwords in raw text. Use encryption like RSA, or a hash like MD5 or SHA-1.
yeah, i'm using encryption for the passwords ^_^
anyways, so yeah, i fixed the problem... thanks for the help (and @ erza i've saved that code and i'm going to look over it to help me learn, thanks! )
|