admin login html


<?php

#Wap in Php for Session Based Application


include 'errors.php'; //note

include 'functions.php'; //note


?>

<!Doctype html>

<html>

<head>

</head>

<body>

<h1>Welcome to Session Based Login</h1>

<?php show_errors(); ?>

<form action="logcode.php?/=<?php echo basename($_SERVER['PHP_SELF']);?>" method="post">

<p>

Email : <input type="email" name="email" id="email"/>

<?php show_errors('email'); ?>

</p>

<p>

Password : <input type="password" name="password" id="password"/>

<?php show_errors('password'); ?>

</p>

<p>

<input type="checkbox" name="remember" value="remember">Remember Me

</p>

<input type="submit" value="Login" name="login-btn">

</body>

</html>



  Login Code



<?php


$dbemail = "admin@gmail.com";

$dbpass = "admin";


include 'functions.php';

if($_SERVER['REQUEST_METHOD']=='POST'){

if(isset($_POST['login-btn']) and !empty($_POST['login-btn'])){

$email = isset($_POST['email'])?$_POST['email']:NULL;

$password = isset($_POST['password'])?$_POST['password']:NULL;

$email = sanitise($email); //XSS Filtering

$password = sanitise($password); //XSS Filtering

//check for Email Blank

if(is_null($email) or empty($email)){

header("location:{$_REQUEST['/']}?action=email&msg=303");

exit;


}

//Check for Password Blank

if(is_null($password) or empty($password)){

header("location:{$_REQUEST['/']}?action=password&msg=304");

exit;


}

if(!empty($email) and !empty($password)){

//check for email and password

if(($email == $dbemail) and ($password == $dbpass)){

session_start();

//session Created 

//timestamp for user 

//Initialise the session data

$_SESSION['user']=array(

'name'=>'Admin',

'email'=>$email,

'password' =>$password,

);

header("location:dashboard.php?_status=login-success");

}else{

    header("location:{$_REQUEST['/']}?msg=305");

}

}

}else{

header("location:{$_REQUEST['/']}?msg=302");

}


}else{

header("location:{$_REQUEST['/']}?msg=301");

}




Dashboard


<?php
//starting the session
session_start();
//secure the Session
$session=$_SESSION['user'];

if($session==""){ //Universal
header("location:login.php?msg=307");
}



//How to get session data
$email = $session['email'];

?>

<h1>Welcome to Dashboard</h1>

<h4>Welcome :<?php echo $email;?> <h4>

<a href="logout.php">Logout</a>


Logout



<?php
session_start();

if(isset($_SESSION['user'])){
session_unset($_SESSION['user']);
session_destroy();
header("location:login.php?msg=306");
}




//Logut Logic
// if(isset($session)){
// if(!is_null($session) and !empty($session)){
//1. unset
//2. destroy
// session_unset($_SESSION['user']); //unset session Key
// session_destroy(); //destroy the Timestamp for session
// header("location:login.php?msg=306"); //Redirect
// }
// }



Admin Login Code and session management in Php