web diary

[geyids]

Hi forumz
I've got a friend who wants me to make him a diary that only him can access and maybe some other friends. Anyone with such a script would be very helpful

Cheers Jon

[1840dsgn]

Just create a login authentication system with PHP. Look for tutorials theres plenty out there, and ready made scripts.

[alexgeek]

Since there's only a few person viewing it, you'd only need one or two usernames so mysql would be pointless i guess.
This might work, haven't tested it.
login form:

Code: Select all

<form action="login.php" method="post">
<p>Username<br>
<input type="text" name="user"></p>
<p>Password:<br>
<input type="password" name="pass"></p>
<p><input type="submit" value="login"></p>
</form>

login.php:

PHP: Select all

<?php 
session_start
$username=$_POST['user'];
$password=$_POST['pass'];
$checkuser="username"; //replace username with your own.
$checkpass="password123"; //replace with your own password like above

if($username == $checkuser && $password == $checkpass) {
$_SESSION['loggedin'] == $username;
} else {
echo "wrong username/password";
}
?>

everypage that should be protected from people not logged in should have:

PHP: Select all

<?php 
session_start;
if (!isset($_SESSION['loggedin'])) {
echo "you aren't logged in";
exit();
} 
?>

<!-- html here -->

That should work
Sorry if you know how to do this already.

[geyids]

Quote:

Originally Posted by alexgeek

Since there's only a few person viewing it, you'd only need one or two usernames so mysql would be pointless i guess.
This might work, haven't tested it.
login form:

Code: Select all

<form action="login.php" method="post">
<p>Username<br>
<input type="text" name="user"></p>
<p>Password:<br>
<input type="password" name="pass"></p>
<p><input type="submit" value="login"></p>
</form>

login.php:

PHP: Select all

<?php 
session_start
$username=$_POST['user'];
$password=$_POST['pass'];
$checkuser="username"; //replace username with your own.
$checkpass="password123"; //replace with your own password like above

if($username == $checkuser && $password == $checkpass) {
$_SESSION['loggedin'] == $username;
} else {
echo "wrong username/password";
}
?>

everypage that should be protected from people not logged in should have:

PHP: Select all

<?php 
session_start;
if (!isset($_SESSION['loggedin'])) {
echo "you aren't logged in";
exit();
} 
?>

<!-- html here -->

That should work
Sorry if you know how to do this already.

Says there is an error on this line

PHP: Select all

$username=$_POST['user']; 

[alexgeek]

sorry it should be:

PHP: Select all

session_start(); 

the missing semi-colon meant that it did not finish the line

[geyids]

wow that was cool. And can you put a logout buttons? what code do u put to it?

[alexgeek]

I use this method:

PHP: Select all

<?php 
session_destroy();
echo "You have logged out";
?>

Save it as logout.php
then just link to it normally like:
<a href="logout.php">Click here to logout</a>

[geyids]

I have put the code in the logout.php file and this is what I get

Code: Select all

Warning:  session_destroy(): Trying to destroy uninitialized session in /mypath/logout.php on line 2
You have logged out

did I mess somewhere?

[alexgeek]

oh sorry
i think it should be:

PHP: Select all

   <?php 
session_start();
session_destroy();
echo "You have logged out";
?>

[geyids]

that works but if you click back it still displays the details that are supposed to be secure. Even when you put a wrong password it still dispays the information but still gives you the "wrong password"
Checkout here. Is it neccessary to display everything that I have put here?

[alexgeek]

What's the link to the page that the content is actually on?
and what username/password are you using?

[geyids]

http://john.habari.co.tz/loginphp/
Username: admin
Password: 123

After login try to click on NOT link says "you aren't logged in"

[alexgeek]

okay i don't understand what the "not.php" page is for.
but put this on your content protected page after session_start();

PHP: Select all

print_r ($_SESSION); 

and tell me what you get.

[geyids]

When I login I get this

Code: Select all

Array ( ) you aren't logged in

am I supposed to add the protected pages script to the login.php?

[geyids]

Ok. Let me just put the whole thing here:

index.php

HTML: Select all

<form action="login.php" method="post">
<p>Username<br>
<input type="text" name="user"></p>
<p>Password:<br>
<input type="password" name="pass"></p>
<p><input type="submit" value="login"></p>
</form>

login.php

PHP: Select all

<?php
session_start();
$username=$_POST['user'];
$password=$_POST['pass'];
$checkuser="admin"; //replace username with your own.
$checkpass="123"; //replace with your own password like above

if($username == $checkuser && $password == $checkpass) {
$_SESSION['loggedin'] == $username;
} else {
echo "wrong username/password";
}
?>

<?php
session_start;
print_r ($_SESSION);
if (!isset($_SESSION['loggedin'])) {
echo "you aren't logged in";
exit();
}
?>

<b><i>Many details here</i></b><br />
<a href="logout.php">Click here to logout</a><br />
<a href="not.php">NOT</a>

logout.php

PHP: Select all

<?php
session_start();
session_destroy();
echo "You have logged out";
?>

not.php

PHP: Select all

<?php
session_start;
print_r ($_SESSION);
if (!isset($_SESSION['loggedin'])) {
echo "you aren't logged in";
exit();
}
?>

Please correct incase of any errors

[alexgeek]

Okay for starters you don't need to link to the not page, as it's already in the login code.
What is the exact problem you are having?

[alexgeek]

Oh and my fault, change:

$_SESSION['loggedin'] == $username;

to

$_SESSION['loggedin'] = $username;