2

i have used the login script which is found here http://www.phpeasystep.com/phptu/6.html the script works fine and i finally reach the login success page after entering the correct details.

but i need help with how do i use this for all the pages on my website. what is the header that i should be mentioning on each page that i want to be password protected and also that the user does not have to login multiple times within the website and the session to be reset in a particular period that i am able to mention

i know it might sound dumb but sorry i am a novice and don't know programming.

Improve this question
0

2 Answers 2

Reset to default
3

your going to want to have a cookie/session set when the user logs in, and then have each page check to see if that session/cookie is set, and if it's not redirect them to the login page.

here is a little example on how to set the session:

<?php
session_start();
$_SESSION['auth'] = "OKAY";
?>

and here is a little snippit for each page to check for the session:

<?php
session_start();
if(!isset($_SESSION['auth']))
{
header("Location: your_login_page.php");
}
//display page here
?>

mind you this is a very basic example.

hope that helps!

Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

i didn't tell him too, i said to put that in his other pages that he wants to limit access to
i'm aware that you didn't but as you wrote "for each page to check for the session" I thought it may get him confused. Instead for the login page you could do something like: if(isset($_SESSION['auth'])) { header("Location: your_main_page.php"); }
ah, kk i got yah. sorry bout that.
guys, i am really sorry but i am quite confused. can somebody tell me what all to mention on each page please. and $_SESSION['auth'] is 'auth' a variable that i have to mention somewhere
@mmdel sorry for the delayed response. for the pages you need to restrict access for refer to the second code snippet, you need for those pages to check for a session variable that your login page sets on a successful login. as for your login page you need it to set the session variable for the other pages to check on successful login (refer to the first code snippet). i hope this helps
0

First, make sure you are starting the session on every single page.

<?php
session_start();
// page code...

Then, you need to check and see if the current session is logged in. Ideally, your login script will set a session variable to true upon successful login, such as $_SESSION['logged_in']. So any time you wish to check if a user is logged in, you just have to check that. If it's false, you can have it redirect them to a login page, show a link to login, etc.

Secondly, some users will want to stay logged in across sessions. To do this, you'll need to set at least two cookies. One is the user ID of the user, and the second is a unique autologin key, which would be generated upon each login and stored in the database. If the session is not logged in but the cookies are present, you can check and see if the autologin key is valid. If so, have it log them in automatically.

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.