#native_company# #native_desc#

A simple user auth

By Ahmet Karakilcik
on April 6, 2002

Version: 4

Type: Full Script

Category: Other

License: GNU General Public License

Description: User auth system that uses adress line for have user’s sessionid. It seems good way if we let a user see our secret pages for a period.

Mysql table shema for this script
  userid int(11) NOT NULL auto_increment,
  username varchar(12) NOT NULL DEFAULT '' ,
  userpass varchar(32) NOT NULL DEFAULT '' ,
  sesid varchar(32) NOT NULL DEFAULT '' ,
  time int(14) NOT NULL DEFAULT '0' ,
  PRIMARY KEY (userid),
  INDEX userid (userid)

function user_check(){
 global $username,$userpass,$gonder,$time;
 $check_user = @mysql_query("SELECT userid FROM user WHERE username = '$username' AND userpass = '".md5($userpass)."'");
 $row = mysql_fetch_array($check_user);
 $userid = $row["userid"];
 if (!empty($userid)) {
 //generate session id and time we close the session
   $sesid = md5(time());
   $time = time() + 360;
   @mysql_query("UPDATE user SET sesid='$sesid',time='$time' WHERE userid='$userid'");
   //Instead of cookies or session we know our user's id and etc. from adress line
 } else {
  echo die("<center>Wrong password or username please try <a href=login.php>again!!!</a></center>");

function session_check() {
 global $sesid;
 $check_time = @mysql_query("SELECT zaman FROM user WHERE sesid = '$sesid'");
 $time_row = @mysql_fetch_array($check_time);
 $bitis = $time_row["time"];
 if ($bitis < time()){
 die("<center>Your session timeout please <a href=login.php>login</a>...</center>");
if (!empty($submit)){
} else {
echo "<form action=login.php method=post>
<table width=350 border=0 cellpadding=1 cellspacing=0 align=center>
       <td width=150>Username :</td><td><input type=text name=username size=15></td>
       <td width=150>Password :</td><td><input type=password name=userpass size=15></td>
       <td width=150>&nbsp;</td><td><input type=submit name=submit value=Submit></td>
} ?>

//check session id and time from mysql
//then show content
echo "<center>Here is your secret page. <br>
Don't forget to put $sesid to your links eg:http://yourhost/nextpage.php?sesid=$sesid</center>";