Mega Code Archive

 

Categories / Php / Authentication

 

Complete, simple working example of login screen and check on a unique

page using php functions, cookies and mysql database. <?php if (!$mysql_login) { // check if $username and $password are passed through as query string if($username && $password) { include("./dbConn.php3"); // If you want to have the passwords in the databases crypted. $password = md5($password); $loc="Location: http://$SERVER_NAME$SCRIPT_NAME";. $sql = "select Password from users_t where Username='$username'"; $r = mysql_db_query($db,$sql); //check if the result of the query has at least one row.Or it will redirect the page. if(!mysql_num_rows($r)) header($loc); $user = mysql_fetch_array($r); if($user["Password"] == $password) { //note the space between the username and the passoword. It will be //used below to slice the cookie. setcookie("mysql_login","$username $password"); $msg = "<meta http-equiv=\"Refresh\" content=\"0;url=$SCRIPT_NAME\">"; //The use of the http header is inconsistent with many browser if you have //already setted a cookie. So, after the setcookie command the script uses //the meta tag to obtain the same result. }else{ header($loc); } }else{ ?> <html> <title>Login to PHP Coders DB</title> <body bgcolor="yellow" text="black"> <form method="post" action="<?php echo($SCRIPT_NAME)?>"> <center><font size=+5><b>Welcome!</b></font></center> <br><br><br> <table cellspacing=0 cellpadding=0 width=320 align="center"> <tr><td>Username:</td><td> <tr><td><input name="username" type="text" width=10></td></tr> <tr><td>Password: </td><td> <tr><td><input name="password" type="password" width=10></td></tr> <tr><td colspan=2 align="center"><input name="login" type="submit"></td></tr> </form> </table> <body> </html> <?php die(); //This will prevent PHP from showing actual page. See above. } }else{ //include("./dbConn.php3"); $chk=0; // Set an array called $user with the contents of the cookie //sliced at the space between username and password, see above. $user = explode(" ","$mysql_login"); $sql = "select Password from users_t where username='$user[0]'"; $r = mysql_db_query($db,$sql); //check if the result of the query has at least one row.Or it set the $chk variable. if(!mysql_num_rows($r)) $chk=1; $chkusr = mysql_fetch_array($r); if ($user[1]!=$chkusr["Password"]) $chk=1; if ($chk) { // To reset the cookie, the setcookie function is used here without argoument. setcookie("mysql_login"); // see above. echo("<meta http-equiv=\"Refresh\" content=\"0;url=$SCRIPT_NAME\">"); } } //After here the actual page starts and only registered user can see it. ?>