Most of my friend asking me to send how I can write login logout system. For them and those who are in starting phase of php I have wrote a code so it will be useful for them. I am adding here the code : <?php // For Logout Simply call the function FnLogOutUser() this will work. $LoggedInLoggedOutClassObj = new LoggedInLoggedOutClass; $UserID = $LoggedInLoggedOutClassObj->FnCheckUserLoggedIn(); if($UserID == '') { $UserID = 1; //At first fetch the user_id from table and store in a array $UserIDInArray = array ( 'UserID'=>$UserID ); //Call this function to user login $LoggedInLoggedOutClassObj->FnLoginUser($UserIDInArray); } if($UserID != '') { //Do What ever logged in part you want do echo 'UserLoggedIn'; } else { // Open logged in form. } class LoggedInLoggedOutClass { function FnCheckUserLoggedIn() { $UserID = isset($_COOKIE['YourDomainName'])?$_COOKIE['YourDomainName']:''; return $UserID; } function FnLogOutUser() { setcookie ("YourDomainName","", time()-3600,"/"); } function FnLoginUser($UserIDInArray) { setcookie("YourDomainName",$UserIDInArray['UserID'],time() + 3600,"/"); return TRUE; } } ?> PHP:
This is REALLY not secure. I could log in as anybody by simply changing the value in the cookie. Or I could log in by simply sending a fake cookie not sent by your site, and log in without username or password.
Yes Nico_swd any one can logged in by editing the cookie. But this is for beginner those who want to understood. One thing can we do while creating cookie we will encrypt the user id and while fetching it we will decrypt it. I think this will secure then.
Kinda silly method of authentication but using a class for it is just fine. You don't always need to store data in the object, you can use classes as namespaces and encapsulation, it helps with keeping things organized and easy to follow/debug in the future.
You can't just post a bad code and say that it's for newbies so they can learn new stuff. Create a tutorial if you want to teach. I can unpack an open source project and I'm sure that I can see better code than this crap that you posted above which is also highly insecure.
This code is not helpful for me and i think not for anyone else who know a little bit programming in PHP.
Lol who is saying it is not helpful. But it can be good. It is so simple. Need to be some more secure
For login and logout what type of easy code you want. If anyone want to make it secure he can do it as I discussed before by encrypting and decrypting then Whats the problem you are facing? I have not wrote full code OK in my next post I will make it secure. I think for beginner it is perfectly fine.