This is Version 1.3 of Login - Redirect.

Begin Installation

This script is not only a secure login script, it also allows great control and can be integrated easily into most sites as well as the following features:

Redirection based on the users login information
        - The site administrator can dictate the page that the user will be redirected to once the user has been authenticated
Control Panel Administration
        - The control panel administration allows Administrators the following functions:
                - Add Users
                - Modify user information
                - Add users to groups
                - Delete users
                - Undelete Users
                - Ban Users
                - Lift user bans
                - Ban IP Addresses
                - Lift IP Address bans
                - View and sort login information
                - Require users to change their password at next login
                - Require users to activate their account as to verify their e-mail address before they are able to login
                - View all user information
Other functionality of this package:
        - Control access to pages through username or groups
        - Allows users to request an e-mail of their login information
        - Allows users to change their own password and e-mail address
        - Allows users to self-register
All of the pages viewed by users have been written in html as to allow site creators easy integration into their site.
All html pages can be altered, just do not change the functionality of the page.
For example, if the html page contains to fields named X and Y and the form is posted to page.php, do not change the name of the field or the name of the page that the information is posted to unless you know what you are doing.

        - Website server with php functionality.
        - MySQL Database

The installation process is very simple.  You will need the following information to complete the installation:
        - a MySQL database
        - The username and password for that database
        - Knowledge of the database server (typically localhost, but it could be different as with 1&1 hosted sites)
        - FTP ability
That's it, the installation walks you through all of the steps and creates all of the table required as well as the configurations settings and the administrator account setup.

Package Contents and Description:

*activate.html This page allows the user to activate their account.  If you has set the configuration to verify e-mail address, the user will register and an e-mail will be sent requesting the user to visit this page and activate the account.
*banned.html This page is displayed to user if either their IP Address or User account has been banned.
check_login.php This page is a server-side page that checks to see if the user still has an open session or has elected cookies to be set as to limit the number of times the user must login.  You do not have to use this page - If you require your users to login in every time, I would suggest you remove the "Remember me from this computer" section from login.html and errorlogin.html.  If you chose to use it and have a "Login" link somewhere on your page, have it link to check_login.php.
config.php This is the page with all of the configuration settings, the code for this page is generated during the installation process, you will simply need to copy and paste it into this page and upload.
*email_change.html This page allows users to change their own e-mail address.
email_change.php This is the server-side page that handles the changing of the user's e-mail address.
*errorlogin.html This is the page that the user is directed to should their be an error with their credentials.
functions.php This page contains various functions that are used throughout the package.
*login.html This is the main login page for the users.
loglogin.php This is a server-side page that records the login information to the log_login table.
*no_access.html This is the page that is displayed should a user try to gain access to a page that they are no allowed access to visit.
*not_activated.html This is the page that is displayed should a user try to login without activating their account, that is if you have required e-mail verification.
*pass_change.html This page allows users to change their own password.
pass_change.php This is the server-side page that handles the password change.
redirect.php This is the server-side page that sets the session and redirects the user to the page specified by the administrator.
*register.html This page allows user to register themselves for your site.
register.php This is the server-side page that handles the registration.
**create_admin.php This is the administrator interface to create the administrator's account.
**install.html The first installation page, requests configurations information.
**install_1.php The second installation page, allows for the naming of groups.
**install_2.php The third installation page, allows for the creation of the administrator's account.
**install_3.php The fourth installation page, installation is complete and provide the config.php code.
adduser.php This is the server-side page that handles the addition of a user.
adminpage.php This is the Administrator's Control Panel - very important.
mod_user.php This is the server-side page that handles the user modifications, deletions and banning.
index.html This is a frames page that includes the next two pages.
log.php This is the page that appears on the right of index.html and contains the login information.
log.html This is the page that appeats on the left of index.html and allows for sorting of the login information and also contain whois lookup for IP Addresses.

* - indicates that this page is customizable
** - indicates that this file or folder can be deleted after installation is complete

How-to restrict access to your pages:
1.    All secure pages must be php pages.  You can easily create any page in html and simply save it with a .php extention.
2.    This code must be added prior to any code on the page:


//prevents caching
header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);

//this should the the absolute path to the config.php file
//(ie /home/website/yourdomain/login/config.php or
//the location in relationship to the page being protected - ie ../login/config.php )

//this should the the absolute path to the functions.php file - see the instrcutions for config.php above


//this is group name or username of the group or person that you wish to allow access to
// - please be advise that the Administrators Groups has access to all pages.
if (allow_access(Administrators) != "yes")

//this should the the absolute path to the no_access.html file - see above
include ('no_access.html');

For a more precise sample of the code you should use, please Click Here.

That should do it...