Code: <?php function createsessions($username,$password) { //Add additional member to Session array as per requirement session_register(); $_SESSION["gdusername"] = $username; $_SESSION["gdpassword"] = md5($password); if(isset($_POST['remme'])) { //Add additional member to cookie array as per requirement setcookie("gdusername", $_SESSION['gdusername'], time()+60*60*24*100, "/"); setcookie("gdpassword", $_SESSION['gdpassword'], time()+60*60*24*100, "/"); return; } } function clearsessionscookies() { unset($_SESSION['gdusername']); unset($_SESSION['gdpassword']); session_unset(); session_destroy(); setcookie ("gdusername", "",time()-60*60*24*100, "/"); setcookie ("gdpassword", "",time()-60*60*24*100, "/"); } function confirmUser($username,$password) { // $md5pass = md5($password); // Not needed any more as pointed by ted_chou12 /* Validate from the database but as for now just demo username and password */ if($username == "demo" && $password = "demo") return true; else return false; } function checkLoggedin() { if(isset($_SESSION['gdusername']) AND isset($_SESSION['gdpassword'])) return true; elseif(isset($_COOKIE['gdusername']) && isset($_COOKIE['gdpassword'])) { if(confirmUser($_COOKIE['gdusername'],$_COOKIE['gdpassword'])) { createsessions($_COOKIE['gdusername'],$_COOKIE['gdpassword']); return true; } else { clearsessionscookies(); return false; } } else return false; } ?> index.php PHP Code: Code: <?php ob_start(); session_start(); require_once ("functions.php"); if (checkLoggedin()) echo "<H1>You are already logged in - <A href = \"login.php?do=logout\">logout</A></h1>"; else echo "<H1>You are not logged in - <A href = \"login.php\">login</A></h1></h1>"; ?> login.php PHP Code: Code: <?php ob_start(); session_start(); require_once ("functions.php"); $returnurl = urlencode(isset($_GET["returnurl"])?$_GET["returnurl"]:""); if($returnurl == "") $returnurl = urlencode(isset($_POST["returnurl"])?$_POST["returnurl"]:""); $do = isset($_GET["do"])?$_GET["do"]:""; $do = strtolower($do); switch($do) { case "": if (checkLoggedin()) { echo "<H1>You are already logged in - <A href = \"login.php?do=logout\">logout</A></h1>"; } else { ?> <form NAME="login1" ACTION="login.php?do=login" METHOD="POST" ONSUBMIT="return aValidator();"> <input TYPE="hidden" name="returnurl" value="<?$returnurl?>"> <TABLE cellspacing="3"> <TR> <TD>Username:</TD> <TD><input TYPE="TEXT" NAME="username"></TD> <TD>Password:</TD> <TD><input TYPE="PASSWORD" NAME="password"></TD> </TR> <TR> <TD colspan="4" ALIGN="center"><input TYPE="CHECKBOX" NAME="remme"> Remember me for the next time I visit</TD> </TR> <TR> <TD ALIGN="CENTER" COLSPAN="4"><input TYPE="SUBMIT" name="submit" value="Login"></TD> </TR> </form> </TABLE> <? } break; case "login": $username = isset($_POST["username"])?$_POST["username"]:""; $password = isset($_POST["password"])?$_POST["password"]:""; if ($username=="" or $password=="" ) { echo "<h1>Username or password is blank</h1>"; clearsessionscookies(); header("location: login.php?returnurl=$returnurl"); } else { if(confirmuser($username,md5($password))) // As pointed out by asgard2005 { createsessions($username,$password); if ($returnurl<>"") header("location: $returnurl"); else { header("Location: index.php"); } } else { echo "<h1>Invalid Username and/Or password</h1>"; clearsessionscookies(); header("location: login.php?returnurl=$returnurl"); } } break; case "logout": clearsessionscookies(); header("location: index.php"); break; } ?>
Code: <html x> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Sessions Cookies</title> </head> <body> <?php //if (!isset($_GET['subpage'])) { //if (isset($_GET['error']) && $_GET['error'] == '1') { //?> <!--<font color="#FF0000"><b>ERROR: </b>Invalid username and/or password. Please try again.</font> --> <? //} ?> <form method="post" action="login.php" > Username:<br /> <input type="text" name="username" maxlength="50"> <br /><br /> Password:<br /> <input type="password" name="password" maxlength="50"> <br /><br /> <input type="submit" name="login" value="Login"> </form> </body> </html> <?php //} //else if (isset($_GET['subpage']) && $_GET['subpage'] == 'login') { $user_name = "root"; $password = ""; $database = "members1"; $server = "127.0.0.1"; $db_handle = mysql_connect($server, $user_name, $password); $db_found = mysql_select_db($database, $db_handle); $user = $_POST['username']; $pass = $_POST['password']; $db_found = mysql_select_db($database, $db_handle); if ($db_found) { $SQL = "select * from users where user='$user' AND pass='$pass'"; $result = mysql_query($SQL); // $usercheck2 = mysql_query("select * from users where user='$user' AND pass='$pass'"); //$usercheck = mysql_num_rows($SQL); if ($usercheck > '0') { setcookie("user", $user, time()+60*60*24*30, "/", ".yoursite.com", 0); setcookie("pass", $pass, time()+60*60*24*30, "/", ".yoursite.com", 0); header("Location: index.php"); } else { //header("Location: login.php?error=1"); } // mysql_close(); } } ?>
Yes This is not chat but a forum and that means you would not see me online but sooner or later I would reply and please maintain the decorum. You have done lot of things like db connectivity and other things but let me know what you want to know.
Hello Sir i am facing a problem in this script , that when i click on logout then it goes to lndex.php . After this if i click on browser's back button then it again show the previous logined page but it shouldn't . plzz guide about this problem. thank you
thnx! for the code posted i was also looking for it. will this code provide us the remember me feature?
A couple of questions though: 1. How can you add a time stamp to each IP logged. 2. Is there a way to include the geographic location of a visitor. 3. How would you implement tracking a visitors movements throughout the site. Thanks
As I read there is some steps given in the following source for add multiple accounts http://msdn.microsoft.com/en-us/library/ms974568.aspx