Logging In - PHP

Want to restrict access to certain sections of your Web site?Or customize page content on the basis of user preferences? Or eventrack user movement across your site? Well, the bad news is that you'llneed to learn how to authenticate users on your site. The good news isthat this tutorial has everything you need to get started.

TABLE OF CONTENTS:

By: The Disenchanted Developer, (c) Melonfire

Poor Best

Rating:

/ 59

March 13, 2002

print this article

SEARCH DEV SHED

TOOLS YOU CAN USE

The alternative approach involves bypassing Apache's HTTP authentication altogether, relying instead on custom programming to perform access control and session management. This allows you to customize both the user interface presented for login, and also the data source used for credential verification.

You can write code for this in any language; I'll be using PHP, since it comes with built-in session management support, which will make things easier.

Let's assume the following directory structure:


/usr/local/apache/htdocs/
index.php
login.php
error.php
inner.sanctum.php

Let's also assume that the file I need to protect is "inner.sanctum.php"

First up, I need to define my custom login form. Here's what I came up with:

<?
// index.php - login form
?>
<html>
<head>
<basefont face="Verdana">
</head>
<body>
<center>
<table border="0" cellspacing="5" cellpadding="5">
<form action="login.php" method="POST">
<tr>
<td>Username</td>
<td><input type="text" size="10" name="f_user"></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" size="10" name="f_pass"></td>
</tr>
<tr>
<td colspan="2" align="center"><input type="submit"
name="submit" value="Log In"></td> </tr> </form> </table> </center>
</body>
</html>

Here's what it looks like:

Once the user submits this form, the username and password entered will be stored in the form variables $f_user and $f_pass respectively. These variables can be accessed by the PHP-based form processor, coming up on the next page.

Next: Rank And File >>