Problem:- Control Over User Login Procedure – Cookies Authentication
Solution:-
This is HTML code of Login Form. Save as User.php
Contents
hide
User.php file
<form method="POST" action="login.php"> <input type="text" name="username"><br> <input type="password" name="password"><br> <input type="submit" name="login" value="Login"> </form>
Login.php File
This is the Login.php file. Here we use Cookies function to store information but if you want to use session then just change the setcookie function.
<?php
error_reporting(0);
function validate($user, $pass){
if ($user == "Deep" && $pass=="123456") {
return true;
}else{
header("Location: test.php ");
}
}
if (isset($_POST['login'])) {
$secretWord = "this is cool";
if (validate($_POST['username'], $_POST['password'])) {
setcookie('login', $_POST['username'].",".md5($_POST['username'].$secretWord));
}
}
unset($username);
if (isset($_COOKIE['login'])) {
list($c_username, $cookie_hash) = explode(',', $_COOKIE['login']);
if (md5($c_username.$secretWord) == $cookie_hash) {
$username = $c_username;
}
}else{
echo("You sent a unreconized request <br>");
}
if (isset($username)) {
print "Welcome, $username";
}
else{
?>
<script type="text/javascript">
alert("Welcome, You'r Not a Reconized User");
window.location.href = "test.php";
</script>
<?php
}
?>
