Where to place this PHP code?
I'm making a website with password protected area. I downloaded this on Hotscripts. The manual says I have to put ONE of these codes page that have to be protected. So, I guess I name that page with .php extension, and put one of those codes inside tags that mark php code. But do I put that code to head, body or the beginning of the page? At the end of this message is still one more code that was inside login.php (which naturally logs you in).
//If you want to check the session (not cookie)
if($_SESSION['logedin'] != 'John'){ //John is what you change the session name to be in login.php line 26
header("Location: login.php");
exit();
}
//If you want to check the cookie (not session)
if($_COOKIE['logedin'] != 'John'){ //John is what you change the cookie name to be in login.php line 24
header("Location: login.php");
exit();
}
//More secure (but cookies must be on)
if($_SESSION['logedin'] != 'John' || $_SESSION['logedin'] != 'John'){ //John is what you change the session and cookie names to be in login.php line 24 and 26
header("Location: login.php");
exit();
}
And here is login.php:
<?
//***********************************************************************************//
//** Please leave this message alone, no one will be able to see it, except coders.**//
// This script is copyrighted by PHP scripts, a Marsal Design Company.***************//
// To get your own verison of this system, please do download it from our site*******//
// located at [url]http://www.free-php-scripts.net****************************************//[/url]
// Script is free, no advertisement, no nothing....**********************************//
//***********************************************************************************//
session_start();
// ------------------------ Start Both -----------------------------------------------------
if($_COOKIE['logedin'] == 'yes' || $_SESSION['logedin'] == 'yes') {
header("Location: login.php");
exit();
}
// If the form was submited check if the username and password match
if($_POST['Submit']){
if($_POST['username'] == 'admin' && $_POST['password'] == 'testing' ){
// ------------------------ Start Both -----------------------------------------------------
// If username and password is right , store the session in a cookie
setcookie ('logedin', 'John',time()+30000); // Set the length of the cookie to 30000
//Create the Session id's (as many as you want, can also do the same with cookied)
$_SESSION['logedin'] = 'John';
// Redirect to the page
header("Location: paidforum.html");
exit();
} else {
$error = 'Password and/or Username Not Valid, Please Try Again!';
}
}
// :::::::::::::::::::NOTICE:::::::::::::::::::
// You will have to put this code on top of any page you want to limit access to //
// if($_COOKIE['logedin'] == NULL) {
// header("Location: login.php");
// exit();
// }
// To Log The Person Off The Session, Use The Logoff.php File included //
?>
Please Log In
" method="post" name="adminlogin" id="adminlogin">
PLEASE
LOG IN:
Username:
Password:
<? echo $error; ?>
Busy posted this at 10:23 — 15th July 2004.
He has: 6,151 posts
Joined: May 2001
you want to put that code above everything, even before the tag.
If you don't you will get a error, something like "can not send information, headers already sent"
Temudzin posted this at 13:57 — 15th July 2004.
They have: 42 posts
Joined: Jun 2004
Thanks, that was exactly the error message. You are the man!
-Teemu
Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.