New Post has been published on http://www.ismailkeles.info/user-login-form-using-php-with-session.html
User Login Form Using PHP [With Session]
In this post, you’ll learn to manipulate Web pages with user logins, using PHP’s session and cookie functions. You’ll create a useful login application that you can use in conjunction with the applications you have created thus far.
Session and cookie functions are two of the most fundamental, important, and useful functions you will encounter in the PHP programming language. PHP sessions, you can combat hackers or the general public from “stumbling” onto your sensitive files and directories.
Friendlier Logins Using PHP’s Session and Cookie Functions
Sessions and cookies are used to distinguish users apart from one another and to allow or not allow certain users to access pages you want only certain users to see. Asessionis a variable that is kept alive on the server side when someone navigates to a site or page. You can then use this information when tracking a user throughout the site for logins, user preferences, privileges for pages, and much more. Cookies work in a similar fashion, although they are stored on a user’s computer and allow the user to look at that file if he or she chooses to do so.
Using PHP for Logins [Exercise Section]
In this exercise, you’ll use some code within PHP itself to authorize the user’s username and password:
Save as (template.php) <?php include 'auth.inc.php'; ?> <html> <head> <title>starting coding</title> </head> <body> <h1>This is the Template Page</h1> </body> </html>
(Save as auth.inc.php) <?php session_start(); if ($_SESSION['logged'] != 1) $redirect = $_SERVER['PHP_SELF']; header("Refresh: 5; URL=login.php?redirect=$redirect"); echo "You are being redirected to the login page!<br>"; echo "(If your browser doesn't support this, <a href=\"login.php?redirect=$redirect\">click here</a>)"; die(); ?>
Now that you have the template page and the authorization page done, you can create the login page, login.php, that you use to create the sessions that allow you to gain access to your protected pages. Enter the following code, which actually does the login authorization and the creation of the session for the user once he or she has successfully provided the correct username and password:
(Save as login.php) <?php session_start(); $_SESSION['logged'] = 0; if (isset($_POST['submit'])) if ($_POST['username'] == "ismail" && $_POST['password'] == "imran") $_SESSION['logged'] = 1; header ("Refresh: 5; URL=" . $_POST['redirect'] . ""); echo "You are being redirected to your original page request!<br>"; echo "(If your browser doesn't support this, <a href=\"" . $_POST['redirect']. "\">click here</a>)"; else ?> <html> <head> <title>started coding</title> </head> <body> Invalid Username and/or Password<br><br> <form action="login.php" method="post"> <input type="hidden" name="redirect" value="<?php echo $_POST['redirect']; ?>"> Username: <input type="text" name="username"><br> Password: <input type="password" name="password"><br><br> <input type="submit" name="submit" value="Login"> </form> <?php else ?> <html> <head> <title>started coding</title> </head> <body> You must be logged in to view this page<br><br> <form action="login.php" method="post"> <input type="hidden" name="redirect" value="<?php echo $_GET['redirect']; ?>"> Username: <input type="text" name="username"><br> Password: <input type="password" name="password"><br><br> <input type="submit" name="submit" value="Login"> </form> <?php ?> </body> </html>
Navigate to the template.ph ppage you created. Because you haven’t logged in, the auth.inc.ph pfile you included redirects you to the login.php page that requires you to log in to view the initial page you requested. Try inputting the incorrect information so you can see how the login page works. You will see a screen similar to the one shown in Fig. down.
Username: ismail, password: imran
Input the correct information: ismail for the username and imran for the password. At this point, you are redirected to the page you originally requested because you supplied the correct information. You will see a screen similar to Figure down.
Source: PHP5, apache and Mysql Development