Use session variables.
With them, you can limit the entry to the page only when the session is occurring.
Make a login page, and then allow session start on all your pages, so the login follows.
Then, on the page you require, just add a clause that determines that only with the session started as a member, can one enter the page. If not, exit to mainpage or something.
Example:
<?php
Session_start();
if (!isset($_SESSION["lojamusica"]))
header("Location:errorlogin.php");
if ($_SESSION["lojamusica"]!="OK")
header("Location:errorlogin.php");
?>
In here, i am only allowing people with the session started, and connected to the database to enter my webpage, just need to pu this on top of the pages.
This is my loggin example, which came from a form on a previous page:
<?php
Session_start();
Session_destroy();
mysql_connect("localhost","root","") or die("problema na conexao");
mysql_select_db("lojamusica");
$query = "SELECT username, password FROM login WHERE username='".$_POST["user"]."'";
$results = mysql_query($query) or die(mysql_error());
$num = mysql_num_rows($results);
if ($num == 0)
echo "Username not found!";
else {
$row = mysql_fetch_array($results);
if ($row["password"] == $_POST["pass"])
{
Session_start();
$_SESSION["username"] = $_POST["user"];
$_SESSION["lojamusica"] = "OK";
header("Location:mainpage.html");
}
else
header("Location:login2.html");
}
?>
This is the login page, simplified:
<form action="login.php" method="POST">
<label>Username:</label>
<input type="text" name="user" />
<label>Password:</label>
<input type="password" name="pass" /><br>
<input type="submit" value="Submit" />
<input type="reset" value="Reset">
>
</h1></form>
To logout, simply reditect to a page like so:
<?php
Session_start();
Session_destroy();
echo "<script language='javascript'> window.top.location.href = 'login2.html'; </script>";
?>