Newbie: Looking for some help building a login form

[rhysboy84]

Hi everybody!

I'm playing around with PHP & MySQL at the moment, and am trying to learn various ways to do things and hopefully - in time - build up an application.

What I'm trying to do (more because a mate wanted one, and I want to see how they work), is creating a login form. The form will check a database for values for username and password, and if they match the result from the login form, they'd allow you into the directory (say "admin").

Now I can create said login form to check for the variables if there is a admin/login.php form. However, any other file in the admin/ directory is visible anyway, login form or not.

Any help on how to create it (tutorials mainly) would be greatfully appreciated!

Thanks

[Dan Grossman]

The basic idea is to put a snippet at the top of each page you want to protect like this:

PHP Code:

<?php
session_start();
if (!isset($_SESSION['logged_in'])) {
  header("Location: login.php");
  exit;
}
?>

Your login script sets that session variable. Then any request to any protected page will redirect to the login form if the user is not logged in.