Login-Controlled Web Pages Using PHP and a Flat Text File

I have seen a lot of requests for a user login-control system that does not require a database. While I would much prefer to see a database used for user login information, I decided to take a crack at coming up with something usable without one. If you'd like to try it out (or just poke around the code to see what I've done), download this zip file, unzip it, and start by reading the README.txt file.

If you find this code useful and would like to encourage me to post more goodies here, you could buy me something from my wish lists at Amazon.com or at MusicDirect.com

Uses PHP Sessions to Control Access

PHP sessions are used to determine whether or not the user is logged in, plus to track whether or not that user has Administrator privileges. Therefore, every controlled page must be a PHP page, either having a ".php" file name suffix or any other suffix which your webserver is configured to send to the PHP interpreter.

All we need to do on each controlled page is to have the following line of PHP code at the very beginning of the page, making sure there is no text—including white space or newlines—before the opening <?php tag: 

<?php require_once "Login.php"; ?>
...rest of HTML document follows here...

Assuming you've put the Login.php file in the PHP include path and have set up your user account(s) as per the instructions in the README.txt file, you're good to go.

The zip file also includes a ManageUsers.PHP file for adding, changing, and deleting user accounts (stored in the specified text file).