mooo, made my first login script lol.
nothing connected to Database but it's my first try
k, it's located here:
http://albsky.110mb.com/login
details:
voorbeeld
voorbeeld
K, it works, it redirects you to 'usercp.php'.
But, you can go to usercp.php without logging in as well!
How do I let it require to be logged in? What is the code? A new session or what? what ^^
Can someone read the codes and tell me what to add/change/whatever
Codes from the 3 files;
---Index.php---
Code:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Login</title>
</head>
<body bgcolor="000000">
<font color="ffffff">
<h1>Login</h1>
<form method="post" action="login.php">
<p>
<label for="user">Username:</label>
<input type="text" name="user" id="users" />
</p>
<p>
<label for="pass">Password:</label>
<input type="password" name="pass" id="pass" />
</p>
<p>
<input type="submit" value="Login" />
</p>
</form>
</font>
</body>
</html>
---login.php---
Code:
<?php
session_start();
$sGebruikerControle = 'voorbeeld';
$sWachtwoordControle = 'voorbeeld';
if($_SERVER['REQUEST_METHOD'] == 'POST')
{
if(isset($_POST['user'], $_POST['pass']))
{
$sGebruiker = trim($_POST['user']);
$sWachtwoord = trim($_POST['pass']);
if($sGebruiker == $sGebruikerControle && $sWachtwoord == $sWachtwoordControle)
{
$_SESSION['logged_in'] = true;
$_SESSION['gebruiker'] = $sGebruiker;
header('Refresh: 3; url=usercp.php');
echo 'You have been succesfully logged in, please proceed, you will be redirected in 3 seconds!';
}
else
{
header('Refresh: 3; url=index.php');
echo 'Wrong username and/or password!';
}
}
else
{
header('Refresh: 3; url=index.php');
echo 'Required field does not exist!';
}
}
else
{
header('Location: index.php');
if(isset($_POST['user'], $_POST['pass']))
{
$sGebruiker2 = trim($_POST['user']);
$sWachtwoord2 = trim($_POST['pass']);
if($sGebruiker2 == $sGebruikerControle2 && $sWachtwoord2 == $sWachtwoordControle2)
{
$_SESSION['logged_in'] = true;
$_SESSION['gebruiker'] = $sGebruiker2;
header('Refresh: 3; url=usercp.php');
echo 'You have been succesfully logged in, please proceed, you will be redirected in 3 seconds!';
}
else
{
header('Refresh: 3; url=index.php');
echo 'Wrong username and/or password!';
}
}
else
{
header('Refresh: 3; url=index.php');
echo 'Required field does not exist!';
}
}
exit();
?>
---UserCP.php---
Code:
<?
include 'login.php';
session_start()
$_SESSION['logged_in'] = true;
exit()
?>
<html>
<head>
<title></title>
</head>
<body bgcolor="ffffff">
<h3>Hoi</h3>
Hoi!
</body>
</html>