1

I'm looking to produce a simple login session script, this does not have to be very secure and I was hoping to do it without the need for a database. Basically I want to give people invites to the webpage and they can only access it with the username and password on the invite, therefore I require more than one login. I would also like to display a message upon successful login with something like "Welcome username."

I found the code below which seems to do the job well but how can I adjust it to hide the form after login?

<?php
session_start();

$userinfo = array(
                'user1'=>'password1',
                'user2'=>'password2'
                );

if(isset($_GET['logout'])) {
    $_SESSION['username'] = '';
    header('Location:  ' . $_SERVER['PHP_SELF']);
}

if(isset($_POST['username'])) {
    if($userinfo[$_POST['username']] == $_POST['password']) {
        $_SESSION['username'] = $_POST['username'];
    }else {
        //Invalid Login
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <title>Login</title>
    </head>
    <body>
        <?php if($_SESSION['username']): ?>
            <p>You are logged in as <?=$_SESSION['username']?></p>
            <p><a href="?logout=1">Logout</a></p>
        <?php endif; ?>
        <form name="login" action="" method="post">
            Username:  <input type="text" name="username" value="" /><br />
            Password:  <input type="password" name="password" value="" /><br />
            <input type="submit" name="submit" value="Submit" />
        </form>
    </body>
</html>
Improve this question
7
  • 3
    so what's not happening here and was the session started? any errors also? Commented Jan 13, 2017 at 13:01
  • 1
    "I found the code below which seems to do the job well but how can I adjust it to hide the form after login?" - Oh, so it works then, to which "that" is the real question, correct? Commented Jan 13, 2017 at 13:02
  • Hi Fred. The login form is still displaying after the user has logged in successfully, I would like this only to appear if they are not logged in. I don't have any errors other than that. Commented Jan 13, 2017 at 13:03
  • you have not specify any conditional statement for your login form. Commented Jan 13, 2017 at 13:05
  • many ways to do this; css hide, wrap the form in an echo assigned to a session variable all in a conditional statement; add an exit... etc. Commented Jan 13, 2017 at 13:05

3 Answers 3

Reset to default
1

Just put your form in a condition

if(empty($_SESSION['username'])){
   // your html form here
}
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

Check this:

<?php
session_start();

$userinfo = array(
                'user1'=>'password1',
                'user2'=>'password2'
                );

if(isset($_GET['logout'])) {
    $_SESSION['username'] = '';
    header('Location:  ' . $_SERVER['PHP_SELF']);
}

if(isset($_POST['username'])) {
    if($userinfo[$_POST['username']] == $_POST['password']) {
        $_SESSION['username'] = $_POST['username'];
    }else {
        //Invalid Login
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <title>Login</title>
    </head>
    <body>
        <?php if($_SESSION['username']): ?>
            <p>You are logged in as <?=$_SESSION['username']?></p>
            <p><a href="?logout=1">Logout</a></p>
        <?php else: ?>
        <form name="login" action="" method="post">
            Username:  <input type="text" name="username" value="" /><br />
            Password:  <input type="password" name="password" value="" /><br />
            <input type="submit" name="submit" value="Submit" />
        </form>
    <?php endif; ?>
    </body>
</html>
Improve this answer

Comments

1

Change

if(isset($_GET['logout']))
     {
          $_SESSION['username'] = '';
          header('Location: /');
     }

to

if(isset($_GET['logout']))
     {
          Session_destroy();
          header('Location: /');
     }

If you don't kill/destroy session, you will have a big problem.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.