homepage Welcome to WebmasterWorld Guest from 54.226.0.225
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Visit PubCon.com
Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

    
Problem with simple PHP login Script
Only authenticates last user
ChrisCBA




msg:1296830
 11:57 pm on Mar 23, 2006 (gmt 0)

Iím new to PHP and Iím trying to write up a simple PHP login page script to authenticate users from a flat file. Iíve managed to make most of it work, except that it only accepts the last user on the user/password file, and Iím not sure why. (I.e. the user.txt file is:

user1:pass1
user2:pass2
user3:pass3

and it only works for user3:pass3)

Here is my code:

<?php

$auth = false; // Assume user is not authenticated

if (isset( $_POST['txtUsername'] ) && isset( $_POST['txtPassword'] )) {

// Read the entire file into the variable $file_contents

$filename = 'user.txt';
$fp = fopen( $filename, 'r' );
$file_contents = fread( $fp, filesize( $filename ) );
fclose( $fp );

// Place the individual lines from the file contents into an array.

$lines = explode ( "\n", $file_contents );

// Split each of the lines into a username and a password pair
// and attempt to match them to $PHP_AUTH_USER and $PHP_AUTH_PW.

foreach ( $lines as $line ) {

list( $username, $password ) = explode( ':', $line );

if ( ( $username == $_POST['txtUsername'] ) &&
( $password == $_POST['txtPassword'] ) ) {

// A match is found, meaning the user is authenticated.
// Stop the search.

$auth = true;
break;

}
}

}

if (! $auth ) {

?>

<h1>Login</h1>

<form name="form" method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
<p><label for="txtUsername">Username:</label>
<br /><input type="text" title="Enter your Username" name="txtUsername" /></p>

<p><label for="txtpassword">Password:</label>
<br /><input type="password" title="Enter your password" name="txtPassword" /></p>

<p><input type="submit" name="Submit" value="Login" /></p>

</form>

<?php

} else {

echo '<P>You are authorized!</P>';
}

?>

[edited by: ChrisCBA at 12:15 am (utc) on Mar. 24, 2006]

 

jatar_k




msg:1296831
 12:03 am on Mar 24, 2006 (gmt 0)

I would personally take a different approach

take the username entered
read through the textfile line by line to see if it is found
if found compare the password
if password matches then $auth = true

though iguess if you are at the end of the list then it takes longer to auth

vacorama




msg:1296832
 3:03 pm on Mar 24, 2006 (gmt 0)

or with the least amount of code, you can do as you did, scan the page and explode() into an array by lines... Then just do a foreach over all the lines with:

# initialize
$count = 0;

if (strstr($line, $user) && strstr($line, $pass) ) {
$count++;
}

then after your through all the lines,

if (array_count($count) > 0) { $auth = true; } else { //show html form
}

vacorama




msg:1296833
 3:07 pm on Mar 24, 2006 (gmt 0)

oops.. forget that last line, supposed to be:

if ( $count > 0) { $auth = true; } else { //show html form
}

ChrisCBA




msg:1296834
 5:28 pm on Mar 24, 2006 (gmt 0)

Thanks for your input. What I ended up using was:

if ( ( trim($username) == $_POST['txtUsername'] ) &&
( trim($password) == $_POST['txtPassword'] ) ) {

which made the script work perfectly.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved