Hi Guys,
So I have this script, I no this is not a good way of going about what i am doing but I want to get it working this way as a learning curve more than anything so please dont suggest I try a different way.
I have been using a very basic login script i wrote a while ago which takes data from a form into a string, checks the string against a predefined value using a if statement and then depending on the output with include a external html page. this works as a very basic (and unsecure) login system. However as it stands the html page which is included could easily be called up from the server and shown anyway. not very secure at all, but I have never needed it to be so, it was more for looks.
I now want to improve this script with the addition of sessions.
I have written out in php what I want to do. its very simple but it doesnt work. Also need a way of validating the session on the page which is included. just something to add to the top which says:
if ($_SESSION[‘password’]!==admin)
header(url=”index.php”);
ok so here is my html code which wud include the php file.
[code=php]<?php
$password = $_REQUEST[‘password’] ;
$user = $_REQUEST[‘user’] ;
session_start();
$_SESSION[‘user’]=$user;
$_SESSION[‘password’]=$password;
if ($_SESSION[‘password’]==null)
header(‘Refresh: 0; url=”index.php”‘);
elseif ($_SESSION[‘user’]==null)
header(‘Refresh: 0; url=”index.php”‘);
elseif ($_SESSION[‘password’]==’example’ and $_SESSION[‘user’]==’admin’)
header(‘Refresh: 0; url=”ID=113;3.php”‘);
elseif ($_SESSION[‘password’]==’example2′ and $_SESSION[‘user’]==’admin2′)
include (‘ID=115;3.php’);
else
include (‘incorrect.php’);
?>
if someone cud take a look at how i could do this or why its not workign that would be great!
Thanks,
Mike