PHP Login Script

PHP Login Script

Session id: Session id is a unique value generated by the web server (when user sends the first request to the server). The value is alfa numeric string.

*When the session id is created, the server creates a file in server temporary location to maintain the information of user, the file name starts with “sess id” rest of the name is session id what the user got.

*The session id stores in the client system as a cookie, the name of the cookie is “PHPSESSID” and the value is session id.

*For every sub request and responses the same session id will transform from client system to web server and web server to client system, that is why the session id is same between the request and responses.

*When the user closes the web browser the cookie will distract from the client system, if the user again reconnected with the server, new session id will generate by the server.

session_id:  By using thie function we can get the session id generated by the server.

session_unset: By using this function we can delete the data of the session.

session_destroy : Bys using this function we can destroy the sessions.

Dan PHP Script

login.php

<?php
session_start();
if (isset($_POST['sub']))
{
$uname=$_POST['txtuname'];
$pwd=$_POST['txtpwd'];
if($uname=="scott" and $pwd=="scott123")
{
$_SESSION['sid']=session_id();
echo
"<script>location='welcome.php'</script>";
}
else
{
echo "invalid user";
}
?>
<form method="post" action="">
USERNAME <input type="text" name="txtuname">
<br>
Password <input type="text" name="txtpwd">
<br>
<input type="submit" name="sub" value="Login">
</form>

welcome.php

<?php
session_start();
if($_SESSION['sid']==session_id())
echo "valid";
else
echo
"<script> location='login.php' </script>";
?>
<a href="logout.php">logout</a>

logout.php

<?php
session_start();
echo "log out succ";
session_unset();
?>