0

Hey

I want to make a website lets say http://www.mysite.com but before they view it, they have to login with username and password (those are stored in a DB). It doesnt matter if they access http://www.mysite.com/hello http://www.mysite.com/hello.html or http://www.mysite.com/hello/something/j.php ect the first time they access, they have to login, else they cannot view any content at all.

Once they are logged in, Im thinking of 2 alternatives (depends on which is more easy to implement and when has better security)

1: Once they log in, in a DB the date/time they login is stored. If in say 5 minutes, they dont do anything on the site, they have to input again their username and pass. If they do, the NEW date/time is stored and sofore.
2: A simple cookie that expires in a hour (or whatever time)

Thank you

4
Contributors
4
Replies
6
Views
4 Years
Discussion Span
Last Post by Dragennd
0

The simplest way would be to use a PHP SESSION variable, it also means you don't need to get involved with the new data protection laws (which cookies fall under).

You would want to querry your login SESSION like this:

<?php

    if(!isset($_SESSION['LoggedIn']))
    {
        die (Header('Location: Login.php'));
    }

    else
    {
        echo "Welcome!";
    }

?>

That would simply check if the session has been set and if not then send them to a login page (to which you would set your session).

Then to update the DB, simply in the login bit include a mysql_query which updates the Login Time to the current date and time.

I hope that is useful? Sorry for not being able to provide much more information.

0

In my opinion, instead of establishing db connection, why don't you try to use cache to set the time. What I mean is use php to establish a cache which will expire in a certain time. Then, use the login function to assign the cache data. If the data is not exist, display the login form.

0

instead

In my opinion, instead of establishing db connection, why don't you try to use cache to set the time. What I mean is use php to establish a cache which will expire in a certain time. Then, use the login function to assign the cache data. If the data is not exist, display the login form.

And I do this how?

0

I'm not all that proficient in php so I can't help much with Ips's reply, however, what you could also do is simply password protect your server. You can make it so that it requires a password to access anything within a certain directory. Most webservers allow for password protection and this is a simple way to block access to information on your website.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.