Alright, I have been trying an trying there are a few threads out there from where I have tried to make one. It seemed to work, but it actually didn't.. :( Anyways, I want to make a simple login/logout script. Using a Functions.php file holding the login an logout functions. While in the other file, has the login page, an the logout. Something kinda like this.

Functions.php

<?php
require("Header.php");

//Logs you into the site.
Function Login($User, $Pass, $MinRank, $mID){
global $MyRow;

$result = @mysql_query("SELECT * FROM Members WHERE Username = '$User'");
$MyRow = mysql_fetch_array($result);

if($MyRow != Null){
extract($MyRow);
}

if($User == $Username && $Pass == $Password and $Username != NULL){

if($Rank >= $MinRank){
return 1;
} else {
echo("Logged in!, Rank isn't high enough.");
}
} else {

if($mID == 0){
echo("<br><center>
<form action=User_CMD.php method=POST>
Username:<input type=username name=Username>
<br>
Password:<input type=password name=Password>
<br>
<input type=submit value='Login'>
</form></center>
");
} else {
echo("Not Logged in!, mID != 0");
}

}
}

//Logs you out of the site.
Function Logout($User){
//Place logout stuff here.
echo("You are now logged out!");
}

?>


An here is the other.

User_CMD.php

<?php

require("Functions.php");

$Action = $_GET["Action"];

if($Action == NULL){
if(Login($Username, $Password, 0, 0) == 1){
//Display Profile, Console, Private News an whatever else here.
echo("<br>
<center>
Logged in!
</center>
<br>
");
}
}

if($Action == "Logout"){
if(Login($User, $Pass, 0, 0) == 1){
Logout($Username);
}
}

require("Footer.php");

?>



How could I possibly add-in cookies or sessions doesn't matter which ones I use peferably sessions though. Just as long as the user can login an out.

Anyone? :(

Perhaps, you could just show me some code for a simple login using cookies or sessions, or show me how to do it. :(

The login process is fairly simple:

- Accept username and password.
- MD5() password.
- Check MD5 against stored hash for that username in the DB.
- If equal, set a boolean session flag.

$username = $_POST['username'];
$password_md5 = md5($_POST['password']);

$userdata = @mysql_query(
'select `password_md5`from `users` where `username` = \''.$username.'\''
);

if (mysql_errno()) {
// user does not exist in DB
}
else {
$password_hash = mysql_result($userdata, 0);

if ($password_hash == $password_md5) {
// successful login
$_SESSION['logged-in'] = true;
}
}


That's in the simplest form. Remember you need to call session_start() before all that and before any output is sent.

Thank you so much! I actually got it working, an you it actually logs you out this time. Thanks alot :). I just put this in my header file,


session_start();
if($_SESSION["UserSes"] == NULL && $_SESSION["Logged-In"] == 0){
$_SESSION["UserSes"] = $Username;
}

if($_SESSION["PassSes"] == NULL && $_SESSION["Logged-In"] == 0){
$_SESSION["PassSes"] = $Password;
}

if($Username == $_SESSION["UserSes"] && $_SESSION["Logged-In"] == 1){
if($Password == $_SESSION["PassSes"] && $_SESSION["Logged-In"] == 1){
$_SESSION["UserSes"] = $Username;
$_SESSION["PassSes"] = $Password;
$_SESSION["Logged-In"] = 1;
}
}


An it worked fine, when I login I clear the sessions so if their wrong(bad login) they don't stick. An my logout function works perfectly as well, thanks again. :)

No problems :)