In this activity you will create a login and logout page for your project and enable sessions to restrict adding new heroes and appearances to authorised users.

• We'll continue using 'form.php', 'header.php', 'menu.php' and 'style.css' in the project folder.

• Create 'login.php' with fields for 'user name' and 'password'.
• Assume that registration has been completed already so you don't need fields for 'email' nor 'confirm password'.
• Create 'login.js' and add code to check the entered details and either submit or show a message.
• Add PHP code to 'login.php' to verify the password and redirect the user to 'form.php'.
• Check that logging in works.

• Create 'logout.php' and copy the code from the earlier activity.
• Check that logging out works.

• Add code to 'header.php' to check whether a user is logged in and redirect them to 'login.php' if necessary.
• Check that this works and that you don't have an endless loop.

Next: Summary