View Full Version : Member Login

07-12-2002, 04:51 PM
Hi, i've just started using php, which I love. I saw the member login info on the www.phpbeginner.com page. it didn't work at all. in fact, i contacted the author of the info and he tried to help me. He even promised to make me an htacess script. So far, it's been 3 months, no script. sooo, i've come to you wise people.

i just want to use cookies to keep a person logged in. That's all. I want that they sign up to be a member, and once a memeber, they can browse around the site.

how do i do that?

oh, and i want to make sure they don't enter pages if they are not logged in. of course.....

07-12-2002, 07:14 PM
First, you need to have the form. I will create a basic one here.

<form name="login" action="login.php" method=post>
Username: <input type=text name="user"><br>
Password: <input type=password name="pass"><br>
<input type=submit value="Submit!">

Once you've had the form submitted, the variables will automatically be processed. So, $user would be the user field, and $pass would be the pass field.

To set a cookie, the function is setcookie(). Example:


So, in login.php you would put something like this:

if ($user == 'username' && $pass == 'password') {
echo "Correct! You are logged one!";
} else {
echo "Invalid username or password!";

Remember... You said you were a newbie that's the only reason I gave a semi-detailed explaination - it's because I think your an idiot just to let you know. :)

07-12-2002, 07:21 PM
you think i'm an idiot? or did you mean 'not because i think...' ?

ah who cares?

Thanks for the code!


07-12-2002, 07:23 PM
btw, when they visit other pages, how will it make sure they are logged in? as you said, i'm a newbie.

07-12-2002, 11:40 PM

I know I should just read a tutorial, or I will get called an idiot too, but.... :D

What does the time()+3600 do exactly? sets a time limit for them to be logged in?

And I am along with Trusten... How do you make sure they are still logged in?

Also, how do you make it so they get logged ou if they close the browser?

07-13-2002, 11:34 AM
time() gives the current unix timestamp i.e. now +3600 seconds so the cookie should last for 1 hour

+ I think IKinsler meant to say something like idiot-proof , probably with no slur intended??? hopefully

to track your users in other pages Trusten, add this either to all pages you wish to protect, or in an included file


note that sessions are more reliable though so follow spooksters links!

07-13-2002, 02:32 PM
whoo hoo!

thank you!

yeah, i'm sure he meant nothing by it. but those links are great.

thanks a lot!

oh, did i mention that I love you guys?


02-15-2003, 12:49 AM
Cool Firepages :D, that worked great. I have been looking for something like this for ages.

;) Matt

04-11-2003, 10:30 PM
ok..so this script works extremely well for what im doing...the only thing is..i need to add more than one user which would mean several diff passwords and usernames. How would i do that?

04-11-2003, 10:48 PM
I have advanced quite alot since I last posted in this thread :D

I am hoping you have a database, if not, then there are other ways.

Using a database:

Right, create a table in your database called users, or something like that. To make this process more secure than cookies, you may also wish to use sessions...

make sure the table `users` has the Coluns

Username | Password | UserId

Now for the PHP:

First, the login form page:

<form name="whatever" action="cnf_login.php" method="post">
Username: <input type="text" name="username" /><br />
Password: <input type="password" name="pass" /><br />
<input type="submit" value="Login" />

Now the cnf_login.php file...

session_start(); // Starts a PHP session

$DBuser = 'database_user_name'; // Database username
$DBpass = 'database_password'; // Database password
$DBhost = 'database_host'; // Database host, usually localhost
$DBbase = 'database_name'; // Database name to use

$db = @mysql_connect($DBhost,$DBuser,$DBpass) or die('Failed Connection');
@mysql_select_db($DBbase,$db) or die('Database not found');

$find_user_query = "SELECT * FROM `users` WHERE Username='".$_POST['username']."' AND Password='".$_POST['password']."';";

$find_user = mysql_query($find_user_query);

if(mysql_num_rows($find_user) == 1) // If a user match is found
$_SESSION['loggedin'] = true;

$USER = mysql_fetch_array($find_user_query);

echo 'User or pass incorrect';

You can then test for logged in by doing:


if(!isset($_SESSION['loggedin']) || !isset($_COOKIE['user']) || !isset($_COOKIE['userid']))
// They are not logged in

This code was quickly written so there may be bugs, if you need more help, or if you dont use mysql, post back or PM me.

04-11-2003, 10:51 PM
id rather not use sql

04-12-2003, 12:25 AM
Right what I would do ( this is what I did on my first php website when I did not have mysql ) is use several text files....

I will use the example of my username being user and my password being pass.

For each user, if you create a file called user_pass.txt ( the users username followed by their password, separated by an underscore, and place it behind your www directory, so inaccessable by a URL.



// Do login stuff
// Failed login