<?php
// Inialize session
session_start();
// Check, if user is already login, then jump to secured page
if (isset($_SESSION['email'])) {
header('Location: securedpage.php');
}
?>
<html>
<head>
<title>PHPMySimpleLogin 0.3</title>
</head>
<body>
<form method="POST" action="loginproc.php">
<div style="height:300px; width:400px; float:left" align="left">
<div style="height:20; width:400px; float:left"> </div>
<div style="height:20; width:180px; float:left" align="right">email</div>
<div style="height:20; width:20px; float:left"> </div>
<div style="height:20; width:200px; float:left" align="left"><input type="text" name="email" size="20"></div>
<div style="height:20; width:400px; float:left"> </div>
<div style="height:20; width:180px; float:left" align="right">Password</div>
<div style="height:20; width:20px; float:left"> </div>
<div style="height:20; width:200px; float:left" align="left"><input type="password" name="password" size="20"></div>
<div style="height:20; width:400px; float:left"> </div>
<div style="height:20; width:400px; float:left" align="center"><input type="submit" value="Login"></div>
</div>
</form>
</body>
</html>
2. Page loginproc.php
<?php
// Inialize session
session_start();
// Include database connection settings
include ("includeconf.php");
// Retrieve username and password from database according to user's input
$login = mysql_query("SELECT * FROM register WHERE (email = '" . mysql_real_escape_string($_POST['email']) . "') and (password1 = '" . mysql_real_escape_string($_POST['password']) . "')");
// Check username and password match
if (mysql_num_rows($login) == 1) {
// Set username session variable
$_SESSION['email'] = $_POST['email'];
// Jump to secured page
header('Location: securedpage.php');
}
else {
// Jump to login page
header('Location: login.php');
}
?>
3. page includeconf.php
<?php
$hostname = "localhost";
$username = "kesavan";
$password = "password123";
$dbname = "test1";
$conn = mysql_connect($hostname,$username,$password);
$dbhandle = mysql_select_db($dbname);
if(!$conn) echo "Unable to connect $hostname" . mysql_error();
if(!$dbhandle) echo "Unable to connect databse" . mysql_error();
?>
4. page securedpage.php
<?php
ob_start();
// Inialize session
session_start();
// Check, if username session is NOT set then this page will jump to login page
if (!isset($_SESSION['email'])) {
header('Location: login.php');
}
?>
<html>
<head>
<title>Secured Page</title>
</head>
<body>
<p>This is secured page with session: <b><?php echo $_SESSION['email']; ?></b>
<br>You can put your restricted information here.</p>
<p><a href="logout.php">Logout</a></p>
</body>
</html>
5. page logout.php
<?php
ob_start();
// Inialize session
session_start();
// Delete certain session
unset($_SESSION['email']);
// Delete all session variables
// session_destroy();
// Jump to login page
header('Location: login.php');
?>
Image
No comments:
Post a Comment