Need Help: PHP Security - Login Script For Site security

i made a website with php.after user enters username and password then i direct him to index.htmQuestion:I want when unregistered user enter http://www.mysite.com/index.htm a message must be come that you must be login.I wait your helps.

This is a very good site that can solve your problem fully. Here is the link http://www.free2code.net/plugins/articles/read.php?id=99, go a head!

Webmaster avex

 

I read this topic and i helps surely

 

I made a admin secure room

 

<?phpif( isset($_POST["login"])){	$query = mysql_query("select * from account where name='".$_POST["name"]."'");	$row = mysql_fetch_object($query);	$pass = md5($_POST["password"]);	if("password" == $row->password && $_POST["name"] == $row->name)	{		setcookie ("login", $_POST["name"],time()+3600*365);		echo "U bent ingelogt.";		echo "<META HTTP-EQUIV=\"REFRESH\" CONTENT=\"1; URL=?p=home\">";	}	else	{		echo "Error.";	}}?>

This is the login aera it calls simply the database

And sets a cookie when you are logged in and calls error when you are not registered!

 

<?phpif( isset($_POST["reg"]))	{		if($_POST["name"] != "" && $_POST["email"] != "" && $_POST["name1"] != "" && $_password != "")			{				$telgb = mysql_query("SELECT gebruikersnaam FROM account WHERE name='".$_POST["name"]."'") or die($error[1]);				$numgb = mysql_num_rows($telgb);				if($numgb == "1")				{					echo"<center>Account allready exists</center>";				}				else				{			   		if(!eregi("^[_a-z0-9-]+(.[_a-z0-9-]+)*@[a-z0-9-]+(.[a-z0-9-]+)*(.[a-z]{2,4})$", $_POST["email"]))			   			{							echo"<center>Error mail!</center>";	 					 } 						 else 							 {								if($password != $_POST["password2"])								{									echo "<center>Password are not the same</center>";								}								else								{									echo"<center>You are registered.</center>";									$pass= md5($password1);									mysql_query("insert into account (name1,name,password,idate,email) values ('".$_POST["naam"]."','".$_POST["gebruikersnaam"]."','".$password."','".date."','".$_POST["email"]."')") or die(mysql_error());								}							 }				}				}				else				{					echo "<center>Something is not ready.</center>";				}			}?>

This is the register account name

 

And this you must copy on each page you want to secure

<?php$query = mysql_query("select * from account where id='".$_GET["id"]."'");$row = mysql_fetch_object($query);$ex = mysql_num_rows($query);if($ex == "0"){	echo "Dit acountje bestaat niet.";	exit();}else{here your tabel }?>

After the else is your tabel when its a correct login

i made a website with php.

after user enters username and password then i direct him to index.htm

Question:I want when unregistered user enter http://www.mysite.com/index.htm a message must be come that you must be login.

I wait your helps.

 

if (! successfully_logged_in($_POST['user'])) {

display_login_form();

exit;

} else {

 

session_start();

$_SESSION['user'] = $_POST['user'];

header("Location: http://forums.xisto.com/no_longer_exists/;);

 

}

Dear AVEXI have a request for you. Would you please give me the database structure of the login script you have build? I want to build a CMS. I guess this code can help me in understand how things wotk.

Security Log in

Need Help: PHP Security - Login Script For Site

 

How I can create security log in dialoge box.

I want only people that I let them visit my site and also manage them add baned and ... ??????

 

 

-reply by mk63

sorry.. I didn't understand what you need.

How I can create security log in dialoge box.

? what is that :(maybe if you write a bit more clear, I am sure that I can help you.
Edited May 25, 2008 by Feelay (see edit history)

May be Feedbacker require show a login dialog when a anonyomous user visit to their site.One they got auth, then, allowed to visit the site.If so, try check the cookies set before. If they exists then, allow users to access the member area.Otherwise, show the login dialog.

i made a website with php.after user enters username and password then i direct him to index.htm
Question:I want when unregistered user enter http://www.mysite.com/index.htm a message must be come that you must be login.
I wait your helps.

well for instant, there is also a loggedin.php or somethinglike that, depends on what you display but if you go onto loggedin.php, you can change the redirect key to longer than it is. that also lets you have enough time to post your message at the front page when they log on and people would read it and then they can manually redirect them self or let it redirect. what do you have?