By the looks of it {he thinks} he knows what he’s doing.

PHP Freeware Downloads

01 05 07'

PHP Authorization Script

I’ve worked on this script in some form or another for about 4 years now. It is really, really handy to set up and use. The number one thing I like about it is that it handles the issue with people clicking the back button once they’ve logged in. They never have to see the login screen again. To use it:

  1. add it to the top of any page you want to have security (I use it as an include)
  2. make sure you have a login.php page
  3. modify your landing page (in this case index.php), and
  4. modify your database query (and db class) accordingly

Please let me know if you end up using it.

<?php
require_once('db.class.php');
$db = new DB();

session_start();
error_reporting(E_ERROR | E_WARNING | E_PARSE);

if(isset($_POST['arg1']) && isset($_POST['arg2'])){
	if(!empty($_POST['arg2'])){
 		$results = $db->query("SELECT userid FROM users WHERE userid='" . addslashes($_POST['arg1']) . "' AND password=md5('" . addslashes($_POST['arg2']) . "')");
		if ($query->num_rows > 0){
			$_SESSION['authorized'] = true;
			$_SESSION['auth_id'] = $results->userid;
			header("Location: index.php");
		}
		else{
			$_SESSION['authorized'] = false;
			$login_error = true;
			header("Location: login.php?login_error=true");
		}
	}
	else {
		$_SESSION['authorized'] = false;
		$login_error = true;
		header("Location: login.php?login_error=true");
	}
}
elseif(isset($_GET['logout'])){
	$_SESSION['authorized'] = false;
	header("Location: login.php");
}
elseif($_SESSION['authorized'] == false){
	header("Location: login.php");
}
?>

This website uses IntenseDebate comments, but they are not currently loaded because either your browser doesn't support JavaScript, or they didn't load fast enough.

Comments are closed.