Shoutbox

php login page - Printable Version

-Shoutbox (https://shoutbox.menthix.net)
+-- Forum: MsgHelp Archive (/forumdisplay.php?fid=58)
+--- Forum: Skype & Technology (/forumdisplay.php?fid=9)
+---- Forum: Tech Talk (/forumdisplay.php?fid=17)
+----- Thread: php login page (/showthread.php?tid=62930)
php login page by stoshrocket on 07-09-2006 at 09:17 PM

i'm creating an admin area for my site and basically im stuck on the login area...

i know how to create the password check (checking the password entered against the correct password), but i don't know how to code say, 'if the password is right, goto this page, if not, echo w/e'... any ideas?

RE: php login page by matty on 07-09-2006 at 09:19 PM

http://pscode.com/...&lngWId=8&B1=Quick+Search

RE: php login page by Ezra on 07-09-2006 at 09:27 PM

I once made myselve this class to manage my login pages

[code]<?
class database_connection{

  var $query_id;
  var $link;

  function connect($location, $username, $password, $database){
    $this->link = mysql_connect($location, $username, $password) or die ("Could not Connect: ".mysql_error());
    mysql_select_db($database) or die ('Could not select database: '.mysql_error());
    Return true;
  }
  function query($query){
  $this->query_id = mysql_query($query) or die ('Query failed: '.mysql_error());
  Return true;
  }
  function output(){
    $array = mysql_fetch_array($this->query_id, MYSQL_ASSOC);
    Return $array;
  }
  function closelink(){
    if(!empty($this->query_id)){
      if(is_resource($this->query_id)){
        mysql_free_result($this->query_id);
      }
    }
    mysql_close($this->link);
  }
}


class loginmanager{
 
  function verify(){
    if(empty($_SESSION['ingelogd']) || $_SESSION['ingelogd'] != true){
      $this->makeloginscreen();
    }
  }
  function verify_ERR401(){
    if(empty($_SESSION['ingelogd']) || $_SESSION['ingelogd'] != true){
      header('HTTP/1.0 401 Unauthorized');
      die("HTTP/1.0 401 Unauthorized");
    }
  }
  function makeloginscreen(){
    $con = new database_connection();
    $con->connect("location", "user", "password", "database");
   
    if(isset($_POST['login']) && $_POST['login'] == "yes"){
      if(isset($_POST['username']) && $_POST['username'] != ""){
        $con->query("SELECT * FROM `login` WHERE `username` = '".$_POST['username']."'");
        $num = count($con->query_id);
        if($num <= 1){
          if($num >= 1){
            if(isset($_POST['password']) && $_POST['password'] != ""){
              $USER = $con->output();
              if(md5($_POST['password']) == $USER['password']){    //Succesvol ingelogd
                $_SESSION['ingelogd'] = true;
                $_SESSION['userid'] = $USER['id'];
                $_SESSION['username'] = $USER['username'];
                header("Location: index.php");
              }else{                                                //Onsuccesvol ingelogd
                $_SESSION['ingelogd'] = false;
                header("Location: index.php");
              }
            }
          }else{
            $_SESSION['ingelogd'] = false;
            header("Location: index.php");
          }
        }else{
          die("ERROR, contact the webmaster with your login username about this");
        }
      }
      $con->closelink();
    }elseif(isset($_SESSION['ingelogd']) && $_SESSION['ingelogd'] == true){
      header("Location: index.php");
    }else{
      echo "<form action=\"#\" method=\"post\">\n";
      echo "\t<table>\n";
      echo "\t\t<tr>\n\t\t\t<td>Username:</td>\n\t\t\t<td><input type=\"text\" name=\"username\"></input></td>\n\t\t</tr>\n";
      echo "\t\t<tr>\n\t\t\t<td>Password:</td>\n\t\t\t<td><input type=\"password\" name=\"password\"></input></td>\n\t\t</tr>\n";
      echo "\t\t<input type=\"hidden\" name=\"login\" value=\"yes\">\n";
      echo "\t\t<tr>\n\t\t\t<td colspan=\"2\" align=\"right\"><input type=\"submit\" name=\"submit\" value=\"submit\"></td>\n\t\t</tr>\n";
      echo "\t</table>\n</form>";
    }   
    die();
  }
}
?>[/code]

It also uses a database class I made to make easy database connections.

You can modify or just read the code and learn :)

BTW: To use, just include the page these classes are in and call the function verify() to see if the user is logged in, if he/she is she will she the page that is made under the verify() call else he/she will see the login form, and with verify_401(), they will see a black page with a 401 Unauthorized header sent to the browser.

EDIT: Reindented the code

RE: php login page by absorbation on 07-09-2006 at 09:49 PM

Ok, just to note, use a mysql database to check your login details, it is a must and is secure. If you want you can have 'My secret panel of secretness' which you know about :P.

RE: php login page by RaceProUK on 07-10-2006 at 10:44 AM

Also, don't store the passwords in raw text. Use encryption like RSA, or a hash like MD5 or SHA-1.

RE: php login page by stoshrocket on 07-10-2006 at 11:07 AM

quote:
Originally posted by absorbation
Ok, just to note, use a mysql database to check your login details, it is a must and is secure. If you want you can have 'My secret panel of secretness' which you know about :P.
rofl, yays!! but a few hours too late.. me and ajd (ok, mainly ajd) fixed the problem using just php... 8-) (still, if you'd be kind enough to let me have it for learning and eventually upgrading purposes :cheesy:)
quote:
Originally posted by RaceProUK
Also, don't store the passwords in raw text. Use encryption like RSA, or a hash like MD5 or SHA-1.
yeah, i'm using encryption for the passwords ^_^

anyways, so yeah, i fixed the problem... thanks for the help (and @ erza i've saved that code and i'm going to look over it to help me learn, thanks! :happy:)