From b653ecc34a1f910e974c6fc35190617e78c5e9e6 Mon Sep 17 00:00:00 2001 From: Banana Date: Wed, 4 Apr 2012 14:29:15 +0200 Subject: [PATCH] session based user auth. simple example to get to know what is needed. --- authentication/session-based.php | 95 ++++++++++++++++++++++++++++++++ 1 file changed, 95 insertions(+) create mode 100644 authentication/session-based.php diff --git a/authentication/session-based.php b/authentication/session-based.php new file mode 100644 index 0000000..f244154 --- /dev/null +++ b/authentication/session-based.php @@ -0,0 +1,95 @@ + 8 hours +define('SESSION_NAME','TheSessionName'); + +define('AUTH_USER','the user name'); +define('AUTH_PASS','the password'); +define('AUTH_KEY','the special key'); + +session_set_cookie_params(SESSION_LIFETIME); +session_name(SESSION_NAME); +session_start(); +session_regenerate_id(true); + +$needsLogin = true; + +if(isset($_GET['do']) && $_GET['do'] == "logout") { + # clear session info + session_destroy(); + $_COOKIE = array(); + $_SESSION = array(); + + # "reload" the page + header("Location: ./session-based.php"); # rename to the correct file! +} +elseif(isset($_SESSION[SESSION_NAME]['someKey']) && $_SESSION[SESSION_NAME]['someKey'] === AUTH_KEY) { + $needsLogin = false; +} + +# process the login form +if(isset($_POST['doLogIn'])) { + if(isset($_POST['username']) && isset($_POST['password'])) { + $username = trim($_POST['username']); + $password = trim($_POST['password']); + + if(!empty($username) && $username === AUTH_USER + && !empty($password) && $password === AUTH_PASS) { + + # register the session + $_SESSION[SESSION_NAME]['someKey'] = AUTH_KEY; + $needsLogin = false; + + # "reload" the page + header('Location: session-based.php'); # rename to the correct file! + } + } +} + +header('Content-type: text/html; charset=UTF-8'); +?> + + + SESSION based user auth + + + +

Simple $_SESSION based auth method

+ +

Login form

+
+ + +
+
+ +
+
+ +
+ +

You are logged in.

+

Do you want to logout ?

+ + + + \ No newline at end of file -- 2.39.5