you are right to some exetend
extra info about what a loging system should contain :
1. a login page. It should have page where users can add they're user and password and login.
2. The login script. In the login page the action for the login form should be this login script. Here you check the username and password agains you're list of users and login the user or return the user to the login page with an error message ( depending on the case )
3. A function that check if an user is loged in or not. This function will redirect an user if he is not logged in and try's to enter a members area
4. A script to add/edit/delete users for the admin.
This could be done at first directly from the databse withou any aditional scripts
5. Also optional ( at first ) a page for forgotten password. This should have a link on the login page. The users must have beside the username and password an e-mail adress where you can send them they're password in case they forget it.
In short you should make the folowing :
1. a filed called users.functions.php that contains the folowing functions :
- check_login() check if a user is loged in and redirect him to the login page if he is not
- login_user() try's to login a user that used the login form
2. login_form.php a simple page that has a form with the login.php at the action tag
3 login.php trigers the function login with the variables posted in the form from login page ... and send the user back to the login page or to the members area
I hope you understood my logic  |
