//save this file as
//index.php
//this uses sessions - see the php manual if you are confused on this part
session_start(); //start session
//see the php manual for the reasons on the SID part
?>
//end
//****************************************
//save this file as
//sendto.php
//this file is the gateway file. dont put anything to display here, because it is meant as a reroute
session_start(); //start the session
//i used an include file for all of my db stuff, makes it a LOT easier for creating new pages
include("includedb.php");
//added this part because if someone hits submit with the username/password boxes empty, you could get in
//so i set the string length to less than two, but you can use any number you wish - its dependent
//on how long your usernames and passwords must be
$loginstr="$username"."$password";
$loginstrlen=strlen($loginstr);
if ($loginstrlen<2){
//confused on headers? see the manual
//this means - go to index.php
Header("Location: index.php");
$error = 1;
session_register("error");
}
//this part is from phpbuilder.com
if (@$username && @$password) {
$res = @mysql_query("SELECT username,password FROM $connectdb1 WHERE username='$username' AND password='$password'");
if(@mysql_num_rows($res) != 0) {
Header("Location: pageone.php");
$verified_user = $username;
$verified_userpw = $password;
session_register("verified_user");
session_register("verified_userpw");
//setting a cookie to expire in 60 seconds (you can change it)
//this will not let someone do something after a certain amount(60 seconds) of inactivity
//
//change the domain to match yours
//or else you will have problems
//dont forget to use two .'s
setcookie("time",$PHPSESSID,time()+60,"/",".mydomain.com",0);
}
else {
//if you are bad, you go back and reenter your password, mister!
Header("Location: index.php");
$error = 1;
session_register("error");
}
}
?>
//****************************************
//save this file as
//header.php
session_start();
//db stuff
$connection = mysql_connect("localhost","mydb","mydb") or die ("Could not connect to the MySQL Server");
$db = mysql_select_db("mydb", $connection) or die ("Unable to select database.");
$connectdb1="users";
$res = @mysql_query("SELECT username FROM $connectdb1 WHERE username='$verified_user' AND password='$verified_userpw'");
if(@mysql_num_rows($res) == 0) {
Header("Location: index.php");
$error = 2;
session_register("error");
}
//using our good friend cookie here
$time=$HTTP_COOKIE_VARS["time"];
$timesl=strlen($time);
if($timesl<1) {
Header("Location: index.php");
$error = 3;
session_register("error");
}
//if no problems, reset the cookie to expire 60 seconds from now
//see the above file about the domain thing here
setcookie("time",$PHPSESSID,time()+60,"/",".mydomain.com",0);
?>
//****************************************
//save this file as
//includedb.php
//simple db connect
//used for sendto.php
//remove this next line if you are having problems - ssc955s 6/20/2001
session_start();
$connection = mysql_connect("localhost","mydb","mydb") or die ("Could not connect to the MySQL Server");
$db = mysql_select_db("mydb", $connection) or die ("Unable to select database.");
$connectdb1="users";
?>
//****************************************
//save this file as
//pageone.php
//add the db stuff
include("header.php");
//for testing purposes, you can see what the username/password is, and i added the
//this is page one part so you can reference the page
//all of this part is unecessary
echo "this is page one";
echo "
Your username is: ";
echo $verified_user;
echo "
Your password is: ";
echo $verified_userpw;
//add your database query here
$sql1 = "SELECT color FROM $connectdb1 WHERE username=\"$verified_user\"";
$sql_result1 = mysql_query($sql1,$connection) or die ("Cant do sql1");
while ($row = mysql_fetch_object($sql_result1))
{
$color=$row->color;
}
//you can add whatever you like from this point on
?>
You did good. this is pageone.php. now go to pagetwo.php
//i added a variable to output
echo $color;
?>
//adds the logout button
include ("logoutform.php");
?>
//****************************************
//save this file as
//pagetwo.php
//add the db stuff
include("header.php");
echo "i knew you could do it!";
echo "
";
//add your database query here
$sql1 = "SELECT color FROM $connectdb1 WHERE username=\"$verified_user\"";
$sql_result1 = mysql_query($sql1,$connection) or die ("Cant do sql1");
while ($row = mysql_fetch_object($sql_result1))
{
$color=$row->color;
}
//you can add whatever you like from this point on
?>
You did good. this is pagetwo.php. now go to pageone.php
//i added a variable to output
echo $color;
?>
//adds the logout button
include ("logoutform.php");
?>
//****************************************
//save this file as
//logout.php
//pretty easy, you are done
//and kill all the variables
//aka hiding the evidence
session_start();
//sending you to a custom 'buh-bye' page
Header("Location: bye.php");
$verified_user = " ";
$verified_userpw = " ";
session_register("verified_user");
session_register("verified_userpw");
session_destroy();
?>
//****************************************
//save this file as
//logoutform.php
echo "
";
?>
//****************************************
//save this file as
//bye.php
//custom 'buh-bye' page
echo "thanks for visiting";
echo "
";
echo "Login Again";
echo "
";
echo "bet you would like to try to get back into page one without logging in, huh?";
echo "
";
echo "go ahead and try, but don't say I didn't warn you!!";
echo "
";
echo "pageone.php";
?>
//thats it.
//not terribly sophisticated, but it does work
//you can combine this with other things on this site
//to develop a cool system