Php User login script

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
mtb211
Forum Newbie
Posts: 15
Joined: Sun Dec 14, 2008 11:32 am

Php User login script

Post by mtb211 »

I can not seem to find a freeware login script for php. I have created a database and I would like to use login software such as loginmanv3
but I can not seem to install it at the moment... anyone know of a good freeware software...

I would like a login php logout... and just something so clients can download files that I upload


thanks in advance!

Matt
User avatar
The_Anomaly
Forum Contributor
Posts: 196
Joined: Fri Aug 08, 2008 4:56 pm
Location: Tirana, Albania

Re: Php User login script

Post by The_Anomaly »

MichaelR
Forum Contributor
Posts: 148
Joined: Sat Jan 03, 2009 3:27 pm

Re: Php User login script

Post by MichaelR »

Here's a simple login script that I use:

Code: Select all

 
<?php
 
if (isset($_POST["submit"])) {
 
 $username = mysql_real_escape_string($_POST["username"]);
 $password = mysql_real_escape_string($_POST["password"]);
 
 $sql = "SELECT `id` FROM `users` WHERE `username` = '".$username."' AND `password` = '".$password."' LIMIT 1";
 
 $result = mysql_fetch_array(mysql_query($sql));
 
 if (empty($result["id"]))
  header("Location: index.php");
 
 else {
 
  session_start();
 
  $_SESSION["id"] = $result["id"];
 
  header("Location: main.php");
 
 }
 
}
 
?>
 
And for a logout script (note: it assumes that any non-logged-in user who tries to access this page must be redirected to the index page):

Code: Select all

 
<?php
 
 session_start();
 
 if (isset($_SESSION["id"]))
  session_destroy();
 
 header("Location: index.php");
 
?>
 
Post Reply