How to make a user login before viewing a web page?

Question

riahc3 50 Â

12 Years Ago

Hey

I want to make a website lets say http://www.mysite.com but before they view it, they have to login with username and password (those are stored in a DB). It doesnt matter if they access http://www.mysite.com/hello http://www.mysite.com/hello.html or http://www.mysite.com/hello/something/j.php ect the first time they access, they have to login, else they cannot view any content at all.

Once they are logged in, Im thinking of 2 alternatives (depends on which is more easy to implement and when has better security)

1: Once they log in, in a DB the date/time they login is stored. If in say 5 minutes, they dont do anything on the site, they have to input again their username and pass. If they do, the NEW date/time is stored and sofore.
2: A simple cookie that expires in a hour (or whatever time)

Thank you

web-design

4 Contributors
4 Replies
375 Views
2 Weeks Discussion Span
Latest Post 12 Years Ago Latest Post by Dragennd

Octet 45 Newbie Poster

12 Years Ago

The simplest way would be to use a PHP SESSION variable, it also means you don't need to get involved with the new data protection laws (which cookies fall under).

You would want to querry your login SESSION like this:

<?php

    if(!isset($_SESSION['LoggedIn']))
    {
        die (Header('Location: Login.php'));
    }

    else
    {
        echo "Welcome!";
    }

?>

That would simply check if the session has been set and if not then send them to a login page (to which you would set your session).

Then to update the DB, simply in the login bit include a mysql_query which updates the Login Time to the current date and time.

I hope that is useful? Sorry for not being able to provide much more information.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

lps 71 Posting Pro in Training · Answer 1 · 2012-09-11T05:53:43+00:00

In my opinion, instead of establishing db connection, why don't you try to use cache to set the time. What I mean is use php to establish a cache which will expire in a certain time. Then, use the login function to assign the cache data. If the data is not exist, display the login form.

riahc3 50 Â Team Colleague · Answer 2 · 2012-09-17T08:06:57+00:00

instead

In my opinion, instead of establishing db connection, why don't you try to use cache to set the time. What I mean is use php to establish a cache which will expire in a certain time. Then, use the login function to assign the cache data. If the data is not exist, display the login form.

And I do this how?

Dragennd 12 Light Poster · Answer 3 · 2012-09-26T01:31:24+00:00

I'm not all that proficient in php so I can't help much with Ips's reply, however, what you could also do is simply password protect your server. You can make it so that it requires a password to access anything within a certain directory. Most webservers allow for password protection and this is a simple way to block access to information on your website.