Very good Login Script...

Hello, Im currently in the begining stages of designing a new web project....

I have scanned about for many LOGIN tutorials, and have followed about 3 so far...

It buggs me that once i have completed the tutorial, i scroll down and read posts from PHP dons, that tear the code appart....!

So........can any one point me in the right direction for a secure PHP login. Using Sessions? Cookies? Whatever is best...

Many Thanks

You can check what i have done so far at

http://art.uk-graffiti.co.uk

www.uk-graffiti.co.uk - being the first PHP site i did.

First off, let me say welcome to the forums, gat!

Also, have you tried using the search function in the forum to look for secure login? I'm sure that there were a few threads that had just this exact thing listed..

Also, do you have any code you have worked on that you'd like to post? It's always easier for us to work with projects like these if we have something to go by

I like the layout of that site, what did you use to make it?

Also, for your registration, you may want to have a screen confirming any login information, or have an email sent to the user when they register confirming the username/password, any any instructions for changing the password, logging in, etc, included in that email.. just an idea

Well first off "nicat23" thanks for the warm welcome...
It makes a nice change to come to a board where people are friendly and help...

Anyway....

About the design, im ok at that sort of stuff. But i lack on the coding front....this is what i am trying to brush up on.

I Usualy use Fireworks to build up the site structure etc..With this Art site, i made the header in flash, (still needs more work) and the rest of the lay out was made in DW.

Your comments:

What you suggested is exactly what i am after.
I need to take (in the reg form)

Username
Password
confirm password ?
Location
Email
Biog (about them selves)

And ideally i would like an email sent to them with an activation link. Like most forums use. However the book i am currently working from lets anyone register with no validation accept email.

I think now may be the time to splash out on a comprehensive book on PHP, but im sure there must be tutorials out there. someware.

If you have any suggestions as to how i can get started please get back....many thanks

g.

by the way nicat..did you know users can just press submit having entered no details and log in (on your site) ?

The confirmation email is just something that I would recomend, that way the end user has a copy of their information, since you may or may not be able to pull that up for them..

Here are my search results for the forum, try reading some of those threads and let me know if you're having an issue after that... Lots of REALLY good info in those results

And yeah, I know that users don't have to enter info.. my site is still a work in progress itself.. been busy with work and planning a wedding, so havent been able to update it.. Thats part of the reason why I recomended that you create a verification email (which is something that I'm working on now )

My current logon does work.

I have a DB USERS

User_ID
Username
Pasword

The login page is here

http://art.uk-graffiti.co.uk/login.php

User = please
pass = help

Try loggin on with the wrong user/pass and with the above ^^

The correct error messages appear. But when i log in successfuly and click "check status" nothing appears.

here is the code for the login:



here is code for "checkstatus"



I really appreciate the help and any tips on improvements.