user authentification

tuckenator · 4 May 2007 at 01:14

ok so i am logged in and a new session for 'uid' has been set
PHP Code:

PHP:

$_SESSION['uid']=$loggedinuser;

, now i wish to create a user authentification system to go at the top of each page to check if a user is logged in, and if not redirect them to login.php.

so far i have got:

PHP Code:

PHP:

<?php // useracesss.php 
session_start(); 

$uid = isset($_POST['uid']) ? $_POST['uid'] : $_SESSION['uid']; 
$pwd = isset($_POST['pwd']) ? $_POST['pwd'] : $_SESSION['pwd']; 

if(!isset($uid)) { 
header('Location: login.php'); 
} 
?>

it is working, but i am not sure if the code is correct?

Also i want to create a user access file so if a user has previously logged into my site in the same browser session, and go to google for e.g. when they return to my site they will automatically be redirected to main.php (user area).

any ideas on how i can accomplish this?

cheers tucks

toosepin · 4 May 2007 at 04:10

Code:

session_start(); 

$newip = $_SERVER['REMOTE_ADDR'];

if (!isset($_SESSION['uid']) || !isset($_SESSION['pwd']) || $newip != $_SESSION['uip']){ 

	header('Location: login.php');
	exit;

}

I always throw the 'check the IP rule' in for added security

When the user logs in, and the session is created - just store the IP address as a session variable.

user authentification

tuckenator

tuckenator

toosepin

toosepin