In this activity you will create a login and logout page for your project and enable sessions to restrict adding new heroes and appearances to authorised users.
Setup
We'll continue using 'form.php', 'header.php', 'menu.php' and 'style.css' in the project folder.
Login
Create 'login.php' with fields for 'user name' and 'password'.
Assume that registration has been completed already so you don't need fields for 'email' nor 'confirm password'.
Create 'login.js' and add code to check the entered details and either submit or show a message.
Add PHP code to 'login.php' to verify the password and redirect the user to 'form.php'.
Check that logging in works.
Logout
Create 'logout.php' and copy the code from the earlier activity.
Check that logging out works.
Redirect Unauthorised Users
Add code to 'header.php' to check whether a user is logged in and redirect them to 'login.php' if necessary.
Check that this works and that you don't have an endless loop.