Basic Restricted Pages with PHP June 24th, 2014

1. Create database with tables (at least 2 with 1 being for users)
2. Create a user with limited privledges to the database
3. Create a connection file using the new user
4. Use the following on the main public page to ensure no sessions are currently active

   //CALL SESSION AND DESTROY
   session_start();
   unset($_SESSION);
   session_destroy();

5. Create a loginfailed page
6. Create a login page which posts to a login_processor page (can use same code from sample with minor edits for correct variables) and point the form to action=”<?php echo $loginFormAction; ?>”
7. On any page you want locked down, call the access script include
8. For logout, set any link to href=”<?php echo $logoutAction ?>”>
9. Create manage, add, delete, edit, edit_processor, and logout (can use same code from sample with minor edits for correct variables)… be sure to use the following on all restricted pages…

   //IF NOT LOGGED IN, GO TO LOGIN
   session_start();
   if (!isset($_SESSION['access'])){
       header("Location: login.php");
   }