Loggin in

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Aaron
Forum Commoner
Posts: 82
Joined: Sun May 12, 2002 2:51 pm

Loggin in

Post by Aaron »

Ive wrote alot of my news system, but Im running into trouble with the log in.

What I want, is some code to put in my header, that is on all my pages...what it should do is check a cookie for user and pass, then check then see if they are admin or normal user in the database.
then if admin then you can edit any and everything. (add news, edit new, delete news, add user, edit user, delete user,)
If your normal then you can do this; add news, edit your own news, delete your own news, and edit your account...

any tuts or script for me?
User avatar
RandomEngy
Forum Contributor
Posts: 173
Joined: Wed Jun 26, 2002 3:24 pm
Contact:

Post by RandomEngy »

Well, to start you can learn about sessions. Basically you have session_start(); at the top of every page, and that allows you to use $_SESSION variables, that stay around as the user navigates the site. Don't bother with session_register(). A good way to use this is when the user logs on, put their submitted username and password in $_SESSION, e.g. $_SESSION['user'] = $_POST['user']; Then when you want to check if someone should see a page or not, you check that. You could also use $_SESSION to store information as to whether your user is an admin or not:

Code: Select all

if( /* result from database says user is admin */ )
$_SESSIONї'status'] = "admin";
To log out send them to a logout page that looks like this:

Code: Select all

<?php
session_start();
session_destroy();
// print logged out message or send them to somewhere else
?>
Hope this gets you on the right track. I don't know of any pre-made scripts since I am writing my login system from scratch.
Aaron
Forum Commoner
Posts: 82
Joined: Sun May 12, 2002 2:51 pm

Post by Aaron »

I have made a login.php (well Epyon did)

Code: Select all

<? 
ob_start("ob_gzhandler");
include("includes/header.php");

if($action == "logout") &#123;setcookie("author", "", "", "$cookiedir", "$cookiedom");
	setcookie("password", "", "", "$cookiedir", "$cookiedom");
	echo "<div align=center><font face=$font><b>- Success - </b><br>You are now logged out</font></div>";
	echo "<script>function redirect() &#123; window.location.replace('index.php'); &#125;\n";
	echo "setTimeout('redirect();', 1500);</script>\n";&#125;
	   
	   else&#123;
	   
	   if($action == "forgot")
	   &#123;if($remindsubmit)
	   &#123;$time = time();

		    if($forgot > ($time - 21600)) &#123;
			echo "<div align=center><font face=$font><b>- Error - </b><br>You cannot use this feature more than once every 6 hours.</font></div></p>";

			 echo "<script>function redirect() &#123; window.location.replace('index.php'); &#125;\n";
			 echo "setTimeout('redirect();', 1500);</script>\n";&#125;
			 else 
			 &#123;$query = mysql_query("SELECT author, password FROM ".$prefix."_users WHERE email = '$email'");
			 $result = mysql_fetch_array($query);
	
			if(!$result&#1111;author]) &#123;
				echo "<div align=center><font face=$font><b>- Error - </b><br>No user found with that e-mail adress</font></div>";
			&#125; else &#123;
				mail("$email", "Here is your account info, don't forget it.\n\nauthor: $result&#1111;author]\npassword: $result&#1111;password]", "From: Azz@unknownzone.org");
				setcookie("forgot", $time, mktime(0,0,0,0,0,2020), "$cookiedir", "$cookiedom");
				echo "<div align=center><font face=$font><b>- Success - </b><br>Your author and password has been sent to you</font></div>";
				echo "<script>function redirect() &#123; window.location.replace('index.php'); &#125;\n";
				echo "setTimeout('redirect();', 1500);</script>\n";&#125;&#125;&#125;

	elseif(!$remindsubmit) 
	   &#123;echo " <b><font=$font>- Forgot -</b></font><br>";
		echo "		<form action='login.php?action=forgot' method='post'>\n";
		echo "		<input type='text' name='email'>Your Email Address<br />\n";
		echo "		<input type='submit' name='remindsubmit' value='Remind'></form>\n";&#125;&#125;	

elseif($loginsubmit) 
    &#123;$query = mysql_query("SELECT author, password FROM ".$prefix."_users WHERE author = '$author'");
	$result = mysql_fetch_array($query);

	if(!$result&#1111;author]) 
	&#123;echo "<div align=center><font face=$font><b>- Error - </b><br>$author is not a registered user</font></div>";&#125;
	
	elseif($result&#1111;password] != $password) 
	&#123;echo "<div align=center><font face=$font><b>- Error - </b><br>The password you entered is incorrect</font></div>";&#125;

	else &#123;setcookie("author", $result&#1111;author], mktime(0,0,0,0,0,2020), "$cookiedir", "$cookiedom");
		  setcookie("password", $password, mktime(0,0,0,0,0,2020), "$cookiedir", "$cookiedom");
	
		echo "<div align=center><font face=$font><b>- Success - </b><br>You are now logged in, $author</font></div>";
		echo "<script>function redirect() &#123; window.location.replace('index.php'); &#125;\n";
		echo "setTimeout('redirect();', 1500);</script>\n";&#125;&#125;

else &#123;
?>

	<h1>login</h1>

	<p>
		<form action='login.php' method='post'>
		<input type='text' name='author'> author<br />
		<input type='password' name='password'> Password<br />
		<input type='submit' name='loginsubmit' value='Login'></form>

		<a href='login.php?action=forgot'>forgot your author or password?</a>
	</p>

<?
&#125;

include("includes/footer.php");&#125;
?>
User avatar
protokol
Forum Contributor
Posts: 353
Joined: Fri Jun 21, 2002 7:00 pm
Location: Cleveland, OH
Contact:

Post by protokol »

Guys, please don't post code that relies on register_globals being on. If you're going to post code, then use $_POST $_GET $_SESSION $_COOKIE, etc.

It will make our lives a hell of a lot easier when explaining to the new users why their code isn't working with the new versions of PHP. Thank you
Aaron
Forum Commoner
Posts: 82
Joined: Sun May 12, 2002 2:51 pm

Post by Aaron »

Im actually on PHP 4.1, so thats not a problem, although I should code it for 4.2 :S
User avatar
cheatboy00
Forum Contributor
Posts: 151
Joined: Sat Jun 29, 2002 10:36 am
Location: canada
Contact:

Post by cheatboy00 »

protokol wrote:Guys, please don't post code that relies on register_globals being on. If you're going to post code, then use $_POST $_GET $_SESSION $_COOKIE

where can i get more info on this type of code. ?
Aaron
Forum Commoner
Posts: 82
Joined: Sun May 12, 2002 2:51 pm

Post by Aaron »

BUMP
Post Reply