Let's test the login/logout classes and see if they work. Create a new PHP document and add the following code. I've commented on the code that I used here so it should be easy to understand:
The HTML form collects the username and password and then compares it with the information in the database. This is done through the checkuser() function defined in the login class. Upon successful authentication the username and id are displayed together with the contents of the connection variable. The id of the user is received through the getid() function of the login class; similarly, the username is received through the getname() function. Below is a screenshot of the login test:
There's a couple of things that I haven't done here in terms of security. The first is that I did not hash the passwords that are stored in the database, so please make sure that you implement this safety measure. Use either MD5() or Crypt() to encrypt the passwords. If there are other things that I have not done correctly than please, by all means, correct them before using the code. It is also a good idea to keep both the login application and users table separate from the other applications and databases. The users table should be in a separate database from the rest of the tables.
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |