function
<?php
function createsessions($username,$password)
{
//Add additional member to Session array as per requirement
session_register();
$_SESSION["gdusername"] = $username;
$_SESSION["gdpassword"] = md5($password);
if(isset($_POST['remme']))
{
//Add additional member to cookie array as per requirement
setcookie("gdusername", $_SESSION['gdusername'], time()+60*60*24*100, "/");
setcookie("gdpassword", $_SESSION['gdpassword'], time()+60*60*24*100, "/");
return;
}
}
function clearsessionscookies()
{
unset($_SESSION['gdusername']);
unset($_SESSION['gdpassword']);
session_unset();
session_destroy();
setcookie ("gdusername", "",time()-60*60*24*100, "/");
setcookie ("gdpassword", "",time()-60*60*24*100, "/");
}
function confirmUser($username,$password)
{
$md5pass = md5($password);
/* Validate from the database but as for now just demo username and password */
if($username == "demo" && $password = "demo")
return true;
else
return false;
}
function checkLoggedin()
{
if(isset($_SESSION['gdusername']) AND isset($_SESSION['gdpassword']))
return true;
elseif(isset($_COOKIE['gdusername']) && isset($_COOKIE['gdpassword']))
{
if(confirmUser($_COOKIE['gdusername'],$_COOKIE['gdpassword']))
{
createsessions($_COOKIE['gdusername'],$_COOKIE['gdpassword']);
return true;
}
else
{
clearsessionscookies();
return false;
}
}
else
return false;
}
?>
index
<?php
ob_start();
session_start();
require_once ("functions.php");
if (checkLoggedin())
echo "<H1>You are already logged in as $_SESSION[gdusername] - <A href = \"login.php?do=logout\">logout</A></h1>";
else
echo "<H1>You are not logged in - <A href = \"login.php\">login</A></h1></h1>";
?>
login
<?php
ob_start();
session_start();
/*################################################# #############*\
|# By: Shabbir H. A. Bhimani #|
|# This code is copyright(c) of GlobalDevelopers.net,all rights #|
|# reserved and this file may not be redistributed in whole or #|
|# significant part. Author: shabbir@globaldevelopers.net #|
\*################################################ ##############*/
require_once ("functions.php");
$returnurl = urlencode(isset($_GET["returnurl"])?$_GET["returnurl"]:"");
if($returnurl == "")
$returnurl = urlencode(isset($_POST["returnurl"])?$_POST["returnurl"]:"");
$do = isset($_GET["do"])?$_GET["do"]:"";
$do = strtolower($do);
switch($do)
{
case "":
if (checkLoggedin())
{
echo "<H1>You are already logged in - <A href = \"login.php?do=logout\">logout</A></h1>";
}
else
{
?>
<form NAME="login1" ACTION="login.php?do=login" METHOD="POST" ONSUBMIT="return aValidator();">
<input TYPE="hidden" name="returnurl" value="<?$returnurl?>">
<TABLE cellspacing="3">
<TR>
<TD>Username:</TD>
<TD><input TYPE="TEXT" NAME="username"></TD>
<TD>Password:</TD>
<TD><input TYPE="PASSWORD" NAME="password"></TD>
</TR>
<TR>
<TD colspan="4" ALIGN="center"><input TYPE="CHECKBOX" NAME="remme"> Remember me for the next time I visit</TD>
</TR>
<TR>
<TD ALIGN="CENTER" COLSPAN="4"><input TYPE="SUBMIT" name="submit" value="Login"></TD>
</TR>
</form>
</TABLE>
<?
}
break;
case "login":
$username = isset($_POST["username"])?$_POST["username"]:"";
$password = isset($_POST["password"])?$_POST["password"]:"";
if ($username=="" or $password=="" )
{
echo "<h1>Username or password is blank</h1>";
clearsessionscookies();
header("location: login.php?returnurl=$returnurl");
}
else
{
if(confirmuser($username,md5($password))) // As pointed out by asgard2005
{
createsessions($username,$password);
if ($returnurl<>"")
header("location: $returnurl");
else
{
header("Location: index.php");
}
}
else
{
echo "<h1>Invalid Username and/Or password</h1>";
clearsessionscookies();
header("location: login.php?returnurl=$returnurl");
}
}
break;
case "logout":
clearsessionscookies();
header("location: index.php");
break;
}
?>