Making a admin login page

All user account is saved in tbl_user. For simplicity the table will only contain the bare necessities such as user id and password. You can add more column if you want to.

This is how the login works

1. The admin enter it's username and password
2. The script check whether that username and password combination do exist in the database
3. If it is set the session then go the admin main page
4. If it's not then show an error message

Below is the login form screenshot:



The default user name and password are "admin" ( without the quotes )
and source code of a form



And a script should be on top:



The login function is called doLogin() and it's located in admin/library/functions.php
The checkUser() function look like this :






If the login is successful, this function will set the session variable $_SESSION['plaincart_user_id']. All admin pages will check for this session id using the checkUser() function. If the session id is not found then the function will set a redirection to the login page.

Another thing that this function check is if there's a 'logout' in the query string. If it is then I call the doLogout() function which will remove the session id.

function doLogout()
{
if (isset($_SESSION['plaincart_user_id'])) {
unset($_SESSION['plaincart_user_id']);
session_unregister('plaincart_user_id');
}

header('Location: login.php');
exit;
}

Testing my functions on validation





If all checking validatations are past, then go to customer home page (member area)