You want to implement a login system with sessions.
Use 2 files: one is to create the login form and processing the form. The other one is the protected page once the autentication is successful.
This is the script for the form.
<?php
// Enable output buffering. No output is sent from the script
// (other than headers). It is saved in an internal buffer
ob_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="EN" lang="EN">
<head>
<title>Implementing a Login System with Sessions</title>
<meta Name="Author" Content="Hann So">
</head>
<body>
<p>
<?php
if (isset($_POST['submit'])) {
process_form();
}
else {
display_form();// display form for the first time
}
function display_form() {
echo <<<HTML
<h2>Login Form</h2>
<form action = "$_SERVER[SCRIPT_NAME]" method="post">
Username:
<input type="text" name="username" value="John" />
<br />
Password:
<input type="password" name="password" value="John123" />
<br />
<input type="submit" name="submit" value="Log in" />
</form>
HTML;
}
function process_form() {
if ( (isset($_POST['username'])) && (isset($_POST['password'])) ) {
if ( ($_POST['username'] == 'John') && ($_POST['password'] == 'John123') ) {
// Start session
session_start();
$_SESSION['Authenticated'] = 1;
// Store the session data now and close the session
session_write_close();
// Here redirect the user to the welcome page after successfully logged in
header('Location: protected.php');
}
else {
// Incorrect login
echo "<p>Sorry the username and password are incorrect.</p>";
display_form();
}
}
else {
// A missing field
echo "<p>Please make sure to enter both username and password.</p>";
display_form();
}
echo "<p><a href=\"example_a.php\">Access the session variables?</a></p>";
echo "<p><a href=\"$_SERVER[SCRIPT_NAME]\">Try again?</a></p>";
}
?>
</p>
</body>
</html>
<?php
// Flush the buffer and end output buffering.
ob_end_flush();
?>
|
This is the script for the protected page.
<?php
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="EN" lang="EN">
<head>
<title>Implementing a Login System with Sessions</title>
<meta Name="Author" Content="Hann So">
</head>
<body>
<p>
<?php
if (isset($_SESSION['Authenticated']) && ($_SESSION['Authenticated']==1)) {
load_page();
}
else {
load_error();
}
function load_error() {
echo <<<HTML
<h2>You are not logged in</h2>
<p>
Sorry you cannot view the protected page.
</p>
<p>
Please try to <a href="example_l.php">Log in</a> again.
</p>
HTML;
}
function load_page() {
echo <<<HTML
<h2>Welcome to the protected page.</h2>
<p>
You can now view the protected content.
</p>
<p>
When ready, you can <a href="example_d.php">Log out</a>.
</p>
HTML;
}
?>
</p>
</body>
</html>
|