can any body help me how to create a site with session on when the user login and without session when the guest visit the front page?
please pass me the sample code..

Recommended Answers

At link one just take off the following code :

// connect to database
include("inc/connect.php");
// include auth and nav
include("inc/auth.php");

The guess will not require authorize login and the session will not generated.

And your inc/auth.php can write like this to start a login session:

Jump to Post

Add into the top of link1 - $secureArea = false; and link 2 - $secureArea = true;

then in auth.php:

<?
// Login & Session example by sde
// auth.php
// start session
session_start();
// convert username and password from _POST or _SESSION
if($_POST){// if($_POST['submit'] …
Jump to Post

All 5 Replies

consider these following are my codes:
this is purely secured only authorized people can login.
now i want guests to visit only link_1.php and for link_2.php they need to be authorized or sign up.

index.php

<?
// Login & Session example by sde
// index.php

// connect to database
include("inc/connect.php");

// include auth and nav
include("inc/auth.php");

// begin content
include("inc/nav.php");

echo "This is my home page.";

// close mysql connection
mysql_close();
?> 

link_1.php

<?
// Login & Session example by sde
// link_1.php

// connect to database
include("inc/connect.php");

// include auth and nav
include("inc/auth.php");

// begin content
include("inc/nav.php");

echo "This is my Link 1.";

// close mysql connection
mysql_close();
?> 

link_2.php

<?
// Login & Session example by sde
// link_2.php

// connect to database
include("inc/connect.php");

// include auth and nav
include("inc/auth.php");

// begin content
include("inc/nav.php");

echo "This is my Link 2.";

// close mysql connection
mysql_close();
?> 

logout.php

<?
// Login & Session example by sde
// logout.php

// you must start session before destroying it
session_start();
session_destroy();

echo "You have been successfully logged out.

<br><br>
You will now be returned to the login page.

<META HTTP-EQUIV=\"refresh\" content=\"2; URL=index.php\"> ";
?> 

inc/auth.php

<?
// Login & Session example by sde
// auth.php

// start session
session_start();

// convert username and password from _POST or _SESSION
if($_POST){
  $_SESSION['username']=$_POST["username"];
  $_SESSION['password']=$_POST["password"];  
}

// query for a user/pass match
$result=mysql_query("select * from users 
  where username='" . $_SESSION['username'] . "' and password='" . $_SESSION['password'] . "'");

// retrieve number of rows resulted
$num=mysql_num_rows($result); 

// print login form and exit if failed.
if($num < 1){
  echo "You are not authenticated.  Please login.<br><br>

  <form method=POST action=index.php>
  username: <input type=text name=\"username\">
  password: <input type=password name=\"password\">
  <input type=submit>
  </form>";

  exit;
}
?>

inc/connect.php

<?
// Login & Session example by sde
// connect.php

// replace with your db info
$hostname="localhost";
$mysql_login="root";
$mysql_password="admin";
$database="test";

if (!($db = mysql_connect($hostname, $mysql_login , $mysql_password))){
  die("Can't connect to mysql.");    
}else{
  if (!(mysql_select_db("$database",$db)))  {
    die("Can't connect to db.");
  }
}
?>

inc/nav.php
..
..
..

Where the hell is without session login??????

At link one just take off the following code :

// connect to database
include("inc/connect.php");
// include auth and nav
include("inc/auth.php");

The guess will not require authorize login and the session will not generated.

And your inc/auth.php can write like this to start a login session:

$num=mysql_num_rows($result); 


if ($num==1){
$_SESSION['username'] = $_POST['username'];
header('Location: http://localhost/link2.php');

else{
header('Location: http://localhost/index.php');
}

Add into the top of link1 - $secureArea = false; and link 2 - $secureArea = true;

then in auth.php:

<?
// Login & Session example by sde
// auth.php
// start session
session_start();
// convert username and password from _POST or _SESSION
if($_POST){// if($_POST['submit'] == 'Login'){ ?
    //doing this only if post is set means you cannot have any other post page on your site
    //as it will log the person out when they submit

    //also make sure you escape these variables eg imagine $_POST['username'] = "' OR 1";
    $_SESSION['username']=$_POST["username"];
    $_SESSION['password']=$_POST["password"];
}
if(isset($_SESSION['username']) && isset($_SESSION['password'])){
    $result=mysql_query("select * from users where username='" . $_SESSION['username'] . "' and password='" . $_SESSION['password'] . "'");
    $num=mysql_num_rows($result);
    if($num < 1){
        $loggedin = false;
    }else{
        $loggedin = true;
    }
}
if(!isset($secureArea)){$secureArea = false;}//default allow people to view page if $secureArea is not set(compatibility for old pages)
if($secureArea && $loggedin === false){
    echo "You are not authenticated.  Please login.
  <form method=POST action=index.php>
  username: <input type=text name=\"username\">
  password: <input type=password name=\"password\">
  <input type=submit>
  </form>";
    exit;
}else{
    //$loggedin available to see if the user is logged in or not
}
?>

wth

4 Years Ago

I want my time back

Be a part of the DaniWeb community

We're a friendly, industry-focused community of 1.20 million developers, IT pros, digital marketers, and technology enthusiasts learning and sharing knowledge.