PHP
  Home arrow PHP arrow Login and Logout Authentication for a ...
Administration  
AJAX  
Apache  
BrainDump  
DHTML  
Flash  
Java  
JavaScript  
Multimedia  
MySQL  
Oracle  
Perl  
PHP  
Practices  
Python  
Reviews  
Security  
Style-Sheets  
Web Services  
XML  
Zend  
Zope  
Forums Sitemap 
IBM® developerWorks 
Sun Developer Network 
E-Commerce Hosting 
Linux Web Hosting 
Managed Hosting 
Small Business Hosting 
Mobile Linux 
App Generation ROI 
VPS Hosting 
Weekly Newsletter

 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us Get Paid 
Request Media Kit
Contact Us 
Site Map 
Privacy Policy 
Support 
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
PHP

Login and Logout Authentication for a Project Management Application
By: David Web
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: 4 stars4 stars4 stars4 stars4 stars / 9
    2008-08-04

    Table of Contents:
  • Login and Logout Authentication for a Project Management Application
  • The HTML Form
  • The Logout Form
  • The Script

  • Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article
     
     
    ADVERTISEMENT


    Login and Logout Authentication for a Project Management Application


    (Page 1 of 4 )

    In this article we continue to look at the login and logout scripts of the project management application. We ended the previous article by looking at the PHP code of the login script. In this article we will be looking at the HTML login form and the logout script.

    To quickly recap: the login script is responsible for authenticating a user's log-in credentials. It takes the user's username and password, and compares them to the information in the database. Here’s the code that makes that comparison; I’ve already explained in detail what the code means in the previous article and will not do it here. 

    <?php

    include "dbcon.php";

    include "functions.php";

    //initialise variables

    $err=false;

    $errmsg=””;

    //is form submitted?

    if(isset($_POST['submit'])){

    //check that the form values are not empty, if so, set errormsg value

    if(empty($_POST['uname'])){

    $errmsg="The username field is empty, please enter a username<br>";

    $err=true;

    }

    if(empty($_POST['upass'])){

    $err=true;

    $errmsg .="The password field is empty, please enter password<br>";

    }

    //check that the username is in correct format

    if(!checkformat($_POST['uname'])){

    $err=true;

    $errmsg .="The username that you entered has a incorrect format.<br>";

    }

    //if there is no errors above, then clean the form values before using in query.

    if(!$err){

    $cleanuname = mysql_escape_string($_POST['uname']);

    $cleanupass = mysql_escape_string($_POST['upass']);

    $checkuser = "SELECT * from users WHERE uname = '".$cleanuname."' AND upass = '".$cleanupass."'";

    $checkuser_res = mysql_query($checkuser);

    $checkuser_num = mysql_num_rows($checkuser_res);

    if($checkuser_num > 0){

    //if user exists and passes authentication

    //setup session variables and redirect to index page

    $row = mysql_fetch_assoc($checkuser_res);

    $_SESSION['name'] = $row['name']." ".$row['sname'];

    $_SESSION['uid'] = $row['uid'];

    $_SESSION['level'] = $row['level'];

    //redirect

    header("location:main.php");

    }else{

    //if values do not match set errmsg

    $err=true;

    $errmsg .="The username or password you entered does not match.<br> MYSQL ERROR ".mysql_error();

    }//else

    }//end $err check

    } //end form submit check

    The user's login information is stored in a MySQL database table called “users” and contains all the information that the project management application will need to manage the user. Below is the SQL for the table; as with the earlier code, I’ve already explained what each field is for. Check the previous article for more information.

    CREATE TABLE `users` (

    `uid` int(11) NOT NULL auto_increment,

    `name` varchar(20) NOT NULL default '',

    `sname` varchar(20) NOT NULL default '',

    `uname` varchar(100) NOT NULL default '',

    `upass` varchar(8) NOT NULL default '',

    `level` enum('admin','normal') NOT NULL default 'normal',

    `last_login` datetime NOT NULL default '0000-00-00 00:00:00',

    `email` varchar(100) NOT NULL default '',

    PRIMARY KEY (`uid`)

    ) TYPE=MyISAM AUTO_INCREMENT=5 ;

    That is basically all there is to the login part of user authentication.

    More PHP Articles
    More By David Web


       · Tables for layout? Not a single class, object or function? This might have been fine...
       · It would have been good to post what checkformat () contains for other users, also I...
       · Unless I am seriously mistaken you use a style sheet for formatting but forgot to...
     

       

    PHP ARTICLES

    - Working With Different Namespaces in PHP 5
    - User Management Explained: Overview
    - Using Namespaces in PHP 5
    - Database Security: Guarding Against SQL Inje...
    - Building a Modular Exception Class in PHP 5
    - Database and Password Security for Web Appli...
    - Handling MySQL Data Set Failures in PHP 5
    - Building Site Registration for Web Applicati...
    - Intercepting Customized Exceptions in PHP 5
    - Securing Your Web Application Against Attacks
    - Sub Classing Exceptions in PHP 5
    - Authentication for Web Application Security
    - Building a Content Management System with Co...
    - Filters and Login Systems for Web Applicatio...
    - Working with the Email Class in Code Igniter





    © 2003-2008 by Developer Shed. All rights reserved. DS Cluster 6 hosted by Hostway
    Stay green...Green IT