I’m new to PHP and I’m trying to write up a simple PHP login page script to authenticate users from a flat file. I’ve managed to make most of it work, except that it only accepts the last user on the user/password file, and I’m not sure why. (I.e. the user.txt file is:

user1:pass1
user2:pass2
user3:pass3

and it only works for user3:pass3)

Here is my code:

<?php

$auth = false; // Assume user is not authenticated

if (isset( $_POST['txtUsername'] ) && isset( $_POST['txtPassword'] )) {

// Read the entire file into the variable $file_contents

$filename = 'user.txt';
$fp = fopen( $filename, 'r' );
$file_contents = fread( $fp, filesize( $filename ) );
fclose( $fp );

// Place the individual lines from the file contents into an array.

$lines = explode ( "\n", $file_contents );

// Split each of the lines into a username and a password pair
// and attempt to match them to $PHP_AUTH_USER and $PHP_AUTH_PW.

foreach ( $lines as $line ) {

list( $username, $password ) = explode( ':', $line );

if ( ( $username == $_POST['txtUsername'] ) &&
( $password == $_POST['txtPassword'] ) ) {

// A match is found, meaning the user is authenticated.
// Stop the search.

$auth = true;
break;

}
}

}

if (! $auth ) {

?>

<h1>Login</h1>

<form name="form" method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
<p><label for="txtUsername">Username:</label>
<br /><input type="text" title="Enter your Username" name="txtUsername" /></p>

<p><label for="txtpassword">Password:</label>
<br /><input type="password" title="Enter your password" name="txtPassword" /></p>

<p><input type="submit" name="Submit" value="Login" /></p>

</form>

<?php

} else {

echo '<P>You are authorized!</P>';
}

?>

[edited by: ChrisCBA at 12:15 am (utc) on Mar. 24, 2006]