
index.php
<?php
// Landing page: reports the visitor's login state and links to logout or login.
//
// require (not include) is used on purpose: if check-user.php cannot be loaded
// the request stops instead of continuing with unset flags.
require 'check-user.php';

// $admin and $auth are the '1'/'0' flags assigned by check-user.php.
// They reflect only what that script derived from the request cookies, so any
// admin-only action elsewhere must repeat the check on the server side.
if ($admin == '1') {
    // Administrator account
    $statusLine = 'Logged in as a admin.';
    $actionLink = '<a href="logout.php">Logout</a>';
} elseif ($auth == '1') {
    // Regular (non-admin) account
    $statusLine = 'Logged in as a user.';
    $actionLink = '<a href="logout.php">Logout</a>';
} else {
    // No cookies, expired cookies, or cookies that match no user row
    $statusLine = 'NOT logged in.';
    $actionLink = '<a href="login.php">Login</a>';
}

print $statusLine;
print '<br /><br />';
print $actionLink;
?>
check-user.php
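<?php
// check-user.php - decides whether the request carries valid login cookies.
//
// Result (read by the including page):
//   $auth  = '1' when the user/pass cookies match a row in `users`, else '0'
//   $admin = '1' when that row also has admin = '1', else '0'
//   $user, $pass are set only when both cookies are present.
//
// Changes from the original listing:
//   * The cookie values are attacker-controlled and were interpolated straight
//     into the SQL text; they are now bound as prepared-statement parameters.
//   * The mysql_* extension was removed in PHP 7; mysqli is used instead.
//   * Query and connection failures are handled and fail closed.
//   * The refreshed cookies are flagged HttpOnly.
//
// NOTE(review): the "pass" cookie holds the stored password hash itself, so the
// cookie (or a leaked users table) is enough to authenticate without knowing the
// password. Replacing it with a random, server-side session token is the real
// fix, but that needs a coordinated change in login.php and is not done here.

$sqluser = ""; // MySQL username
$sqlpass = ""; // MySQL password
$sqlhost = "localhost"; // MySQL host address - default is localhost
$sqldb = ""; // MySQL database name

// Fail closed: both flags stay '0' unless the lookup below succeeds.
$admin = '0';
$auth = '0';

$link = null;
try {
    $link = mysqli_connect($sqlhost, $sqluser, $sqlpass, $sqldb);

    // is_string() rejects array-valued cookies such as user[]=x.
    if ($link
        && isset($_COOKIE['user'], $_COOKIE['pass'])
        && is_string($_COOKIE['user'])
        && is_string($_COOKIE['pass'])
    ) {
        $user = $_COOKIE['user'];
        $pass = $_COOKIE['pass'];

        // One query answers both questions: any row means a valid user, and
        // the selected expression says whether that row is an admin.
        $stmt = mysqli_prepare(
            $link,
            "SELECT admin = '1' FROM users WHERE user = ? AND pass = ?"
        );
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, 'ss', $user, $pass);
            if (mysqli_stmt_execute($stmt)) {
                mysqli_stmt_bind_result($stmt, $isAdmin);
                while (mysqli_stmt_fetch($stmt) === true) {
                    $auth = '1';
                    if ((int) $isAdmin === 1) {
                        $admin = '1';
                    }
                }
            }
            mysqli_stmt_close($stmt);
        }

        if ($auth === '1') {
            // Extend both cookies by another 30 days.
            // 7th argument = HttpOnly, keeps the values away from page scripts.
            // 6th argument (Secure) is left at 0 as in the original; set it to 1
            // once the site is served over HTTPS only.
            setcookie("user", $user, time()+60*60*24*30, "/", ".yoursite.com", 0, true);
            setcookie("pass", $pass, time()+60*60*24*30, "/", ".yoursite.com", 0, true);
        }
    }
} catch (Exception $e) {
    // mysqli throws instead of returning false on newer PHP versions.
    // Treat any database error as "not logged in".
    error_log('check-user.php: database error: ' . $e->getMessage());
    $admin = '0';
    $auth = '0';
}

if ($link) {
    mysqli_close($link); // Closing the connection
}
?>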
login.php
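<?php
// login.php - shows the login form, or (with ?subpage=login) checks the posted
// credentials, sets the login cookies and redirects.
//
// Changes from the original listing:
//   * The form posted to "login.php" without ?subpage=login, so the branch that
//     checks the credentials was never reached; the action now includes it.
//   * The posted username was interpolated into the SQL text; it is now bound
//     as a prepared-statement parameter (mysqli instead of the removed mysql_*).
//   * Short open tags (<?) replaced by <?php, which works regardless of the
//     short_open_tag setting.
//   * Missing or non-string POST fields and database errors count as a failed
//     login; the script exits after sending the redirect.
if (!isset($_GET['subpage'])) { // No subpage requested: show the login form
    if (isset($_GET['error']) && $_GET['error'] == '1') { // A failed attempt redirected back here
?>
<font color="#FF0000"><b>ERROR: </b>Invalid username and/or password. Please try again.</font>
<?php } ?>
<form method="post" action="login.php?subpage=login">
Username:<br />
<input type="text" name="username">
<br /><br />
Password:<br />
<input type="password" name="password">
<br /><br />
<input type="submit" name="login" value="Login">
</form>
<?php
} else if (isset($_GET['subpage']) && $_GET['subpage'] == 'login') { // Form was submitted
    $sqluser = ""; // MySQL username
    $sqlpass = ""; // MySQL password
    $sqlhost = "localhost"; // MySQL host address - default is localhost
    $sqldb = ""; // MySQL database name

    // is_string() rejects array-valued fields such as username[]=x.
    $user = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // NOTE(review): MD5 is a fast, unsalted hash, not encryption, and is not
    // suitable for storing passwords. It is kept here only because the users
    // table and check-user.php compare against this exact value; migrate to
    // password_hash() / password_verify() together with those.
    $pass = md5($password);

    $valid = false;
    $link = null;
    if ($user !== '' && $password !== '') {
        try {
            $link = mysqli_connect($sqlhost, $sqluser, $sqlpass, $sqldb);
            $stmt = $link
                ? mysqli_prepare($link, "SELECT 1 FROM users WHERE user = ? AND pass = ?")
                : false;
            if ($stmt) {
                mysqli_stmt_bind_param($stmt, 'ss', $user, $pass);
                if (mysqli_stmt_execute($stmt)) {
                    mysqli_stmt_store_result($stmt); // needed before num_rows is meaningful
                    $valid = mysqli_stmt_num_rows($stmt) > 0;
                }
                mysqli_stmt_close($stmt);
            }
        } catch (Exception $e) {
            // mysqli throws instead of returning false on newer PHP versions.
            error_log('login.php: database error: ' . $e->getMessage());
            $valid = false;
        }
    }

    if ($link) {
        mysqli_close($link); // Closing the connection
    }

    if ($valid) {
        // NOTE(review): the "pass" cookie carries the stored hash, which makes
        // the cookie a password-equivalent credential for 30 days. A random
        // server-side session token would avoid that; it needs a matching
        // change in check-user.php.
        // 7th argument = HttpOnly. 6th (Secure) stays 0 as in the original;
        // set it to 1 once the site is HTTPS only.
        setcookie("user", $user, time()+60*60*24*30, "/", ".yoursite.com", 0, true);
        setcookie("pass", $pass, time()+60*60*24*30, "/", ".yoursite.com", 0, true);
        header("Location: index.php"); // Redirect to index.php
    } else {
        header("Location: login.php?error=1"); // Back to the form with an error
    }
    exit; // Nothing else should run after the redirect
}
?>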
logout.php
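<?php
// logout.php - expires both login cookies and returns to index.php.
//
// The original passed $user and $pass as the cookie values, but neither is
// defined in this script. With error display on, the resulting notices are
// output before the headers, which can stop the cookies from being cleared and
// the redirect from being sent. An empty value is all an expiry needs.
//
// Name, path and domain must match the values used when the cookies were set,
// otherwise the browser keeps the originals.
//
// NOTE(review): this only removes the cookies from the current browser.
// check-user.php accepts any user/pass pair that matches the users table, so a
// copied cookie stays valid until the password changes.
setcookie("user", "", time()-60*60*24*30, "/", ".yoursite.com", 0); // Expiry 30 days in the past
setcookie("pass", "", time()-60*60*24*30, "/", ".yoursite.com", 0); // Expiry 30 days in the past
header("Location: index.php"); // Redirect to index.php
exit;
?>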
