8 hours
define('SESSION_NAME','TheSessionName');
define('AUTH_USER','the user name');
define('AUTH_PASS','the password');
define('AUTH_KEY','the special key');
session_set_cookie_params(SESSION_LIFETIME);
session_name(SESSION_NAME);
session_start();
session_regenerate_id(true);
$needsLogin = true;
if(isset($_GET['do']) && $_GET['do'] == "logout") {
# clear session info
session_destroy();
$_COOKIE = array();
$_SESSION = array();
# "reload" the page
header("Location: ./session-based.php"); # rename to the correct file!
}
elseif(isset($_SESSION[SESSION_NAME]['someKey']) && $_SESSION[SESSION_NAME]['someKey'] === AUTH_KEY) {
$needsLogin = false;
}
# process the login form
if(isset($_POST['doLogIn'])) {
if(isset($_POST['username']) && isset($_POST['password'])) {
$username = trim($_POST['username']);
$password = trim($_POST['password']);
if(!empty($username) && $username === AUTH_USER
&& !empty($password) && $password === AUTH_PASS) {
# register the session
$_SESSION[SESSION_NAME]['someKey'] = AUTH_KEY;
$needsLogin = false;
# "reload" the page
header('Location: session-based.php'); # rename to the correct file!
}
}
}
header('Content-type: text/html; charset=UTF-8');
?>
SESSION based user auth
Simple $_SESSION based auth method
Login form
You are logged in.
Do you want to logout ?