Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- // File: includes.php
- <?php
- // Login Script
- if(isset($_POST['login'])){
- // Grab the username based on the form entry...
- $usr_name = mysql_real_escape_string(addslashes($_POST['usr_name']));
- $usr_pass = mysql_real_escape_string(addslashes($_POST['usr_pass']));
- // Compare entries based on SQL or RAW variables.
- // For the sake of this example, we will use RAW variables... but you will want to use an SQL table for dynamic users.
- $username = 'Foo';
- $password = 'Bar';
- $userid = '1'; // Would be grabbed from a table.
- if($usr_name != $username){
- echo 'There was a problem with the username or password you entered. Please go back and try again.';
- }
- elseif($usr_password != $password){
- echo 'There was a problem with the username or password you entered. Please go back and try again.';
- }
- else{
- // Preform login...
- setcookie('user',$userid,time()+3600);
- echo 'Congratulations, your login was successful.';
- }
- }
- // End Login Script
- ?>
- // FIle: logout.php
- <?php
- // Logout Script...
- if(isset($_GET['usr']){
- setcookie('user',$_GET['user'],time()-5200);
- }
- else{
- echo 'No valid cookie id... you fail at php nub.';
- }
- ?>
- // File: index.php
- <php
- require('includes.php');
- // Check to see if user is logged in...
- if(isset($_COOKIE['user'])){
- // Extra check for security... Compare with the DB / Raw variable.
- // Normally you would do an SQL statement to see if the Id exists, but in our example we will just draw the raw variable from the includes.php.
- $realid = '1'; // Again would be drawn from a DB query.
- if($realid != $userid){
- echo 'Your cookie was falsely set, please <a href="logout.php?usr=' . $userid . '">Logout</a> and attempt to login again.';
- }
- else{
- echo 'Main page, logged in... hello world!';
- //Here is where you would put your main page's content... whatever that might be.
- }
- }
- else{
- //Not logged in, ergo print the login form.
- echo '<form action="" method="post">',
- 'Username: <input type="text" name="usr_name" /><br />',
- 'Password: <input type="password" name="usr_password" /><br />',
- '<input type="submit" name="login" value="Process Login" />';
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement