Problem:- Control Over User Login Procedure – Cookies Authentication
Solution:-
This is HTML code of Login Form. Save as User.php
Contents
hide
User.php file
<form method="POST" action="login.php"> <input type="text" name="username"><br> <input type="password" name="password"><br> <input type="submit" name="login" value="Login"> </form>
Login.php File
This is the Login.php file. Here we use Cookies function to store information but if you want to use session then just change the setcookie function.
<?php error_reporting(0); function validate($user, $pass){ if ($user == "Deep" && $pass=="123456") { return true; }else{ header("Location: test.php "); } } if (isset($_POST['login'])) { $secretWord = "this is cool"; if (validate($_POST['username'], $_POST['password'])) { setcookie('login', $_POST['username'].",".md5($_POST['username'].$secretWord)); } } unset($username); if (isset($_COOKIE['login'])) { list($c_username, $cookie_hash) = explode(',', $_COOKIE['login']); if (md5($c_username.$secretWord) == $cookie_hash) { $username = $c_username; } }else{ echo("You sent a unreconized request <br>"); } if (isset($username)) { print "Welcome, $username"; } else{ ?> <script type="text/javascript"> alert("Welcome, You'r Not a Reconized User"); window.location.href = "test.php"; </script> <?php } ?>
Leave a Reply