Jump to content

Simple Login


smiles
 Share

Recommended Posts

Well, just need visitor type the password and ... then jump to the checklogin.php for checkingIf what is typed similar to my password that I set then redirect to another page, else back to the first page$pass = $_POST['passwordField'];if ($pass == 'myPassword') { ??? }else { ??? }I want to ask about the code for directing page ?Thanks !!!

Link to comment
Share on other sites

if the user knows the url of the "protected" page they can just type it in and bypass your login. you need to set sessiosn when they login correctly and check to see if the seesions are correct on every protected page.

Link to comment
Share on other sites

if the user knows the url of the "protected" page they can just type it in and bypass your login. you need to set sessiosn when they login correctly and check to see if the seesions are correct on every protected page.
set session ... uhm maybe I know itbut " check to see if the seesions are correct on every protected page." seems strange to meHow can I do that ???
Link to comment
Share on other sites

login page

session_start();//////$pass = $_POST['passwordField'];if ($pass == 'myPassword'){  $_SESSION["login"] = "yes";  $URL = "correctpage.php";}if(isset($_SESSION["login"]) && $_SESSION["login"] == "yes")  header ("Location: $URL");

correctpage.php

session_start();if(!isset($_SESSION["login"]) || $_SESSION["login"] != "yes")  header("Location: login.php");//Session is set so contiue with rest of page////

Link to comment
Share on other sites

Thanks Aspnetguy :)It works great !!!do you think should I put these code for all the rest pages

session_start();if(!isset($_SESSION["login"]) || $_SESSION["login"] != "yes")  header("Location: login.php");

Edited by smiles
Link to comment
Share on other sites

You would want to put that code at the top of every page that requires the user be authenticated. You could add an element to the login.php form as well so that it can recognize where it came from and redirect them back to that same page they were requesting.

Link to comment
Share on other sites

I want to ask, does it create cookie so when you log in successfully, you can easily navigate to all pages without asking password the second time (twice) ?If I want to try my code again, so I must delete all Cookies ???thanks !!!

Link to comment
Share on other sites

It stores a cookie, but the only thing the cookie contains is a session ID. PHP uses that session ID to look up the session information for that user. So there is a cookie there, but the information you store in the session is not what is in the cookie. If you want to store that information in the cookie, then you need to do that explicitly with setcookie. But even though there is a cookie involved, you still need to check it on every page. It's up to you to do whatever checking you want or need to do, so just because someone logs in and gets a cookie doesn't mean that every other page is automatically protected without you needing to do anything else, you still need to check.Also, session cookies get deleted as soon as you close the browser or leave the website. I think. I know they get deleted when you close the browser.

Link to comment
Share on other sites

  • 1 month later...

I would say to make the password not simple/easily guessed (a word that is related to your site). Don't use words that are found in dictionaries, and use non alpha-numeric characters. Make the password long (not too long that people can't remember, have to write down if it's sensitive information, etc.) Use hash functions such as SHA-1.Read this from microsoft.com about strong passwordshttp://www.microsoft.com/athome/security/p...y/password.mspxUse this if you want to check if your password(s) are weak, medium, strong, or besthttp://www.microsoft.com/athome/security/p...rd_checker.mspx

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...