Simple PHP Login Help..

[Jaquio]

Alright, I have been trying an trying there are a few threads out there from where I have tried to make one. It seemed to work, but it actually didn't.. Anyways, I want to make a simple login/logout script. Using a Functions.php file holding the login an logout functions. While in the other file, has the login page, an the logout. Something kinda like this.

Functions.php

PHP Code:

<?php
require("Header.php");

//Logs you into the site.
Function Login($User, $Pass, $MinRank, $mID){
    global $MyRow;

    $result = @mysql_query("SELECT * FROM Members WHERE Username = '$User'");
    $MyRow = mysql_fetch_array($result);

    if($MyRow != Null){
        extract($MyRow);
    }

    if($User == $Username && $Pass == $Password and $Username != NULL){

        if($Rank >= $MinRank){
            return 1;
        } else {
            echo("Logged in!, Rank isn't high enough.");
        }
    } else {

        if($mID == 0){
            echo("<br><center>
                <form action=User_CMD.php method=POST>
                    Username:<input type=username name=Username>
                    <br>
                    Password:<input type=password name=Password>
                    <br>
                    <input type=submit value='Login'>
                </form></center>    
            ");
        } else {
            echo("Not Logged in!, mID != 0");
        }

    }
}

//Logs you out of the site.
Function Logout($User){
       //Place logout stuff here.
    echo("You are now logged out!");
}

?>

An here is the other.

User_CMD.php

PHP Code:

<?php

require("Functions.php");

$Action = $_GET["Action"];

if($Action == NULL){
    if(Login($Username, $Password, 0, 0) == 1){
        //Display Profile, Console, Private News an whatever else here.
        echo("<br>
            <center>
                Logged in!
            </center>
            <br>
        ");
    }
}

if($Action == "Logout"){
    if(Login($User, $Pass, 0, 0) == 1){
        Logout($Username);
    }
}

require("Footer.php");

?>

How could I possibly add-in cookies or sessions doesn't matter which ones I use peferably sessions though. Just as long as the user can login an out.

[Jaquio]

Anyone?

Perhaps, you could just show me some code for a simple login using cookies or sessions, or show me how to do it.

[penagate]

The login process is fairly simple:

- Accept username and password.
- MD5() password.
- Check MD5 against stored hash for that username in the DB.
- If equal, set a boolean session flag.

PHP Code:

$username = $_POST['username'];
$password_md5 = md5($_POST['password']);

$userdata = @mysql_query(
  'select `password_md5`from `users` where `username` = \''.$username.'\''
);

if (mysql_errno()) {
  // user does not exist in DB
}
else {
  $password_hash = mysql_result($userdata, 0);

  if ($password_hash == $password_md5) {
    // successful login
    $_SESSION['logged-in'] = true;
  }
} 


That's in the simplest form. Remember you need to call session_start() before all that and before any output is sent.

[Jaquio]

Thank you so much! I actually got it working, an you it actually logs you out this time. Thanks alot . I just put this in my header file,

PHP Code:

session_start();
        if($_SESSION["UserSes"] == NULL && $_SESSION["Logged-In"] == 0){
            $_SESSION["UserSes"] = $Username;
        }

        if($_SESSION["PassSes"] == NULL && $_SESSION["Logged-In"] == 0){
            $_SESSION["PassSes"] = $Password;
        }

if($Username == $_SESSION["UserSes"] && $_SESSION["Logged-In"] == 1){
    if($Password == $_SESSION["PassSes"] && $_SESSION["Logged-In"] == 1){
        $_SESSION["UserSes"] = $Username;
        $_SESSION["PassSes"] = $Password;
        $_SESSION["Logged-In"] = 1;
    }
} 


An it worked fine, when I login I clear the sessions so if their wrong(bad login) they don't stick. An my logout function works perfectly as well, thanks again.

[penagate]

No problems