Admin Login

All user account is saved in tbl_user. For simplicity the table will only contain the bare necessities such as user id and password. You can add more column if you want to.

This is how the login works

The admin enter it's username and password
The script check whether that username and password combination do exist in the database
If it is set the session then go the admin main page
If it's not then show an error message

Below is the login page screenshot :

Onlin Shop Admin - Login

The default user name and password are "admin" ( without the quotes )

The login function is called doLogin() and it's located in admin/library/functions.php

Source code : admin/library/functions.php

function doLogin()
{
// if we found an error save the error message in this variable
$errorMessage = '';

$userName = $_POST['txtUserName'];
$password = $_POST['txtPassword'];

// first, make sure the username & password are not empty
if ($userName == '') {
$errorMessage = 'You must enter your username';
} else if ($password == '') {
$errorMessage = 'You must enter the password';
} else {
// check the database and see if the username and
// password combo do match
$sql = "SELECT user_id
FROM tbl_user
WHERE user_name = '$userName' AND
user_password = PASSWORD('$password')";
$result = dbQuery($sql);

if (dbNumRows($result) == 1) {
$row = dbFetchAssoc($result);
$_SESSION['plaincart_user_id'] = $row['user_id'];

// log the time when the user last login
$sql = "UPDATE tbl_user
SET user_last_login = NOW()
WHERE user_id = '{$row['user_id']}'";
dbQuery($sql);

// now that the user is verified we move on to the next page
// if the user had been in the admin pages before we move to
// the last page visited
if (isset($_SESSION['login_return_url'])) {
header('Location: ' . $_SESSION['login_return_url']);
exit;
} else {
header('Location: index.php');
exit;
}
} else {
$errorMessage = 'Wrong username or password';
}

}

return $errorMessage;
}

If the login is successful this function will set the session variable $_SESSION['plaincart_user_id']. All admin pages will check for this session id using the checkUser() function. If the session id is not found then the function will set a redirection to the login page.

The checkUser() function look like this :

Source code : admin/library/functions.php

function checkUser()
{
if (!isset($_SESSION['plaincart_user_id'])) {
header('Location: ' . WEB_ROOT . 'admin/login.php');
}

if (isset($_GET['logout'])) {
doLogout();
}
}

You see that if $_SESSION['plaincart_user_id'] is not set we just redirect to the login page. Very simple right?

Another thing that this function check is if there's a 'logout' in the query string. If it is then we call the doLogout() function which will remove the session id.

Source code : admin/library/functions.php

function doLogout()
{
if (isset($_SESSION['plaincart_user_id'])) {
unset($_SESSION['plaincart_user_id']);
session_unregister('plaincart_user_id');
}

header('Location: login.php');
}

Next we start making the category pages

Admin Control Panel

PHP MySQL Shopping Cart Tutorial : Admin - Login

Admin - View Category

At long last i'm finally able to update this site. Now the shopping cart can handle payment through paypal. As always you have any critiques, questions, comments or problems about this tutorial please tell me. Click here to send your feedback. And if you like this tutorial please link to this site. It will really help a lot :-)

"I made an extra $378 last week promoting just 1 site. Click here to see which site is it. Join today!"

I made extra $378 last week. Click here to learn how

PHP MySQL Shopping Cart Tutorial
Copyright © 2005 - 2009 www.phpwebcommerce.com