Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- //Connection and select database go in here
- // username and password sent from form
- $myusername=$_POST['Email'];
- $mypassword=$_POST['User_Password'];
- // To protect MySQL injection
- $myusername = stripslashes($myusername);
- $mypassword = stripslashes($mypassword);
- $myusername = mysql_real_escape_string($myusername);
- $mypassword = mysql_real_escape_string($mypassword);
- $sql="SELECT User_ID, Email, User_Password FROM $tbl_name WHERE Email='$myusername' and User_Password='$mypassword'";
- $result=mysql_query($sql);
- // Mysql_num_row counts table row
- $count=mysql_num_rows($result);
- // If result matched $myusername and $mypassword, table row must be 1 row
- if($count==1){
- // is_auth to make sure they can view other pages that need credentials.
- $_SESSION['is_auth'] = true;
- $_SESSION['User_ID'] = $result->User_ID;
- // Once the sessions variables have been set, redirect them to the landing page / home page.
- header('location: ../View/main.php');
- exit;
- }
- else {
- $error = "Please enter an email and password to login.";
- }
- header("location:../View/mainUnauthenticated.php");
- <?php
- session_start();
- echo $_SESSION['User_ID'];
- // Test the session to see if is_auth flag was set (meaning they logged in successfully)
- // If test fails, send the user to homepage and prevent rest of page being shown.
- if (!isset($_SESSION["is_auth"])) {
- header("location: ../View/mainUnauthenticated.php");
- exit;
- }
- else if (isset($_REQUEST['logout']) && $_REQUEST['logout'] == "true") {
- // At any time we can logout by sending a "logout" value which will unset the "is_auth" flag.
- // We can also destroy the session if so desired.
- unset($_SESSION['is_auth']);
- session_destroy();
- // After logout, send them back to homepage
- header("location: ../View/mainUnauthenticated.php");
- exit;
- }
- ?>
- <?php include('../Controller/is_auth.php')
- ?>
- <p>
- <input type="text" name="User_ID" id="User_ID" value="<?php echo $_SESSION['User_ID'];?>"/>
- </p>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement