Login.html
<form action="login.php" method="post"> <b>Username</b>:<input type="text" name="username" size="20"><br> <b>Password</b>:<input type="password" name="pw" size="20"><br> <input type="submit" value="Login"></form>
Simple enough, this gives inputs for a username, password, and the submit button, it then sends the info to login.php where the magic works!!!
Login.php
<?php session_start(); include "connect.php"; $q="SELECT * from login where username='$username' and pw='$pw'"; $result= mysql_query($q, $connection) or die ("Could not execute query : $q." . mysql_error()); if (mysql_num_rows($result) == 0) { echo "<div align=center><b>Oops! Your login is wrong. Please click back and try again.</b></div>"; } else { $r=mysql_fetch_array($result); $login_username=$r["username"]; session_register("login_username"); Header("Location: protected.php"); } ?>
Ok so you use session_start(); which will create the session that you will store on the users computer, then you select all the information from the database and check for the information the user submitted. If it is wrong, an error message is echoed, you can change this to whatever you want it to say. So after that we have the else statement which is if the information is found then it redirects the user to the page you choose, in this case protected.php. This will be your admin page. Now to make a protected page!!
Protected.php
<? session_start(); if($login_username=="") { Header("Location: login.html"); } else { <!-- rest of your HTML code here for protected pages --> }
Ok so this code checks if the session is valid, and if not, it redirects the user to login.html. But if the information is true it shows the code you have for the admin page!
Basically I wrote this because alot of people were asking about user protected pages, and securing information from prying eyes. If you branch this off into other ideas you could come up with some real origional ideas. I hope you had fun with this one, because I know I sure did. Enjoy!
~Gio~