Jump to content

Making members area on site


Ragnos
 Share

Recommended Posts

I want to make a members area on my site wich consists of multiple pages wich should only be accesible by members who logged in.I know how to make a login script and redirect to the 'main' members page if the password and username are correct, but what if someone types the url of the members page in their browser? How do I check if they logged in? I have seen some sites where you get a pop-up box wich looks like a javascript pop-up box with a field for a username and a password when you try to enter the site without having logged in, but I have also read something about checking a session and redirecting to the login page. What is the best way to do this and how do you do it using the best way?

Link to comment
Share on other sites

First you have to set the sessions;

<?phpif ($_POST['login'] AND $_POST['username'] == 'admin' AND $_POST['password'] == 'adminpassword') {$_SESSION['name_on_session'] = TRUE;$_SESSION['username'] = $_POST['username'];}if ($_SESSION['name_on_session']) {echo 'Welcome back, ' . $_SESSION['username'];}else {?><form action="" method="post"><p>Username:<br /><input type="text" name="username" /></p><p>Password:<br /><input type="password" name="password" /></p><p><input type="submit" name="login" value="Login" /></p></form><?php}?>

The username is admin and the password is adminpassword here. I couldn't be bothered to write a login script that uses MySQL-database. Here's one in just PHP.Hope you get it :)Edit:I think something's wrong in the if post code (on the top) is wrong, because I'm not used to doing more than only one post lol

Edited by andersmoen
Link to comment
Share on other sites

The following is only a small idea.When user logs in, create a session called "loged" and set its value to "1".

<?session_start();$_SESSION["loged"] = "1";?>

Create a php file called "verify.php".

<?phpsession_start();if(empty($_SESSION['loged'])){	header("Location: login.php");	exit();}?>

The "logout.php" file:

<?phpsession_start();$_SESSION['loged'] = NULL;$_SESSION = array();session_destroy();header("Location: index.php");exit();?>

Link to comment
Share on other sites

The following is only a small idea.When user logs in, create a session called "loged" and set its value to "1".
<?session_start();$_SESSION["loged"]= "1";?>

Create a php file called "verify.php".

<?phpsession_start();if(empty($_SESSION['loged'])){	header("Location: login.php");	exit();}?>

The "logout.php" file:

<?phpsession_start();$_SESSION['loged'] = NULL;$_SESSION = array();session_destroy();header("Location: index.php");exit();?>

So if I do it like that I can be sure that noone can enter the protected pages without having logged in first?
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...