Page 1 of 1
Loggin in
Posted: Fri Jul 12, 2002 2:37 pm
by Aaron
Ive wrote alot of my news system, but Im running into trouble with the log in.
What I want, is some code to put in my header, that is on all my pages...what it should do is check a cookie for user and pass, then check then see if they are admin or normal user in the database.
then if admin then you can edit any and everything. (add news, edit new, delete news, add user, edit user, delete user,)
If your normal then you can do this; add news, edit your own news, delete your own news, and edit your account...
any tuts or script for me?
Posted: Fri Jul 12, 2002 2:53 pm
by RandomEngy
Well, to start you can learn about sessions. Basically you have session_start(); at the top of every page, and that allows you to use $_SESSION variables, that stay around as the user navigates the site. Don't bother with session_register(). A good way to use this is when the user logs on, put their submitted username and password in $_SESSION, e.g. $_SESSION['user'] = $_POST['user']; Then when you want to check if someone should see a page or not, you check that. You could also use $_SESSION to store information as to whether your user is an admin or not:
Code: Select all
if( /* result from database says user is admin */ )
$_SESSIONї'status'] = "admin";
To log out send them to a logout page that looks like this:
Code: Select all
<?php
session_start();
session_destroy();
// print logged out message or send them to somewhere else
?>
Hope this gets you on the right track. I don't know of any pre-made scripts since I am writing my login system from scratch.
Posted: Fri Jul 12, 2002 3:34 pm
by Aaron
I have made a login.php (well Epyon did)
Code: Select all
<?
ob_start("ob_gzhandler");
include("includes/header.php");
if($action == "logout") {setcookie("author", "", "", "$cookiedir", "$cookiedom");
setcookie("password", "", "", "$cookiedir", "$cookiedom");
echo "<div align=center><font face=$font><b>- Success - </b><br>You are now logged out</font></div>";
echo "<script>function redirect() { window.location.replace('index.php'); }\n";
echo "setTimeout('redirect();', 1500);</script>\n";}
else{
if($action == "forgot")
{if($remindsubmit)
{$time = time();
if($forgot > ($time - 21600)) {
echo "<div align=center><font face=$font><b>- Error - </b><br>You cannot use this feature more than once every 6 hours.</font></div></p>";
echo "<script>function redirect() { window.location.replace('index.php'); }\n";
echo "setTimeout('redirect();', 1500);</script>\n";}
else
{$query = mysql_query("SELECT author, password FROM ".$prefix."_users WHERE email = '$email'");
$result = mysql_fetch_array($query);
if(!$resultїauthor]) {
echo "<div align=center><font face=$font><b>- Error - </b><br>No user found with that e-mail adress</font></div>";
} else {
mail("$email", "Here is your account info, don't forget it.\n\nauthor: $resultїauthor]\npassword: $resultїpassword]", "From: Azz@unknownzone.org");
setcookie("forgot", $time, mktime(0,0,0,0,0,2020), "$cookiedir", "$cookiedom");
echo "<div align=center><font face=$font><b>- Success - </b><br>Your author and password has been sent to you</font></div>";
echo "<script>function redirect() { window.location.replace('index.php'); }\n";
echo "setTimeout('redirect();', 1500);</script>\n";}}}
elseif(!$remindsubmit)
{echo " <b><font=$font>- Forgot -</b></font><br>";
echo " <form action='login.php?action=forgot' method='post'>\n";
echo " <input type='text' name='email'>Your Email Address<br />\n";
echo " <input type='submit' name='remindsubmit' value='Remind'></form>\n";}}
elseif($loginsubmit)
{$query = mysql_query("SELECT author, password FROM ".$prefix."_users WHERE author = '$author'");
$result = mysql_fetch_array($query);
if(!$resultїauthor])
{echo "<div align=center><font face=$font><b>- Error - </b><br>$author is not a registered user</font></div>";}
elseif($resultїpassword] != $password)
{echo "<div align=center><font face=$font><b>- Error - </b><br>The password you entered is incorrect</font></div>";}
else {setcookie("author", $resultїauthor], mktime(0,0,0,0,0,2020), "$cookiedir", "$cookiedom");
setcookie("password", $password, mktime(0,0,0,0,0,2020), "$cookiedir", "$cookiedom");
echo "<div align=center><font face=$font><b>- Success - </b><br>You are now logged in, $author</font></div>";
echo "<script>function redirect() { window.location.replace('index.php'); }\n";
echo "setTimeout('redirect();', 1500);</script>\n";}}
else {
?>
<h1>login</h1>
<p>
<form action='login.php' method='post'>
<input type='text' name='author'> author<br />
<input type='password' name='password'> Password<br />
<input type='submit' name='loginsubmit' value='Login'></form>
<a href='login.php?action=forgot'>forgot your author or password?</a>
</p>
<?
}
include("includes/footer.php");}
?>
Posted: Fri Jul 12, 2002 4:36 pm
by protokol
Guys, please don't post code that relies on register_globals being on. If you're going to post code, then use $_POST $_GET $_SESSION $_COOKIE, etc.
It will make our lives a hell of a lot easier when explaining to the new users why their code isn't working with the new versions of PHP. Thank you
Posted: Fri Jul 12, 2002 5:36 pm
by Aaron
Im actually on PHP 4.1, so thats not a problem, although I should code it for 4.2 :S
Posted: Fri Jul 12, 2002 9:06 pm
by cheatboy00
protokol wrote:Guys, please don't post code that relies on register_globals being on. If you're going to post code, then use $_POST $_GET $_SESSION $_COOKIE
where can i get more info on this type of code. ?
Posted: Sun Jul 14, 2002 7:18 am
by Aaron
BUMP