Want to write results of submit on form to log file

**Ralph2** · 11-22-2009, 02:41 AM

I have cobbled together a small family website to share old pictures and memorabilia. This is a members only site and I use a PHP login script that compares the username and password to a list.

I would like to know
a) if anyone is trying to guess their way in.
b) if a member is having trouble logging in.. we have some not so computer savvy family members who possibly get frustrated and give up.
c) which members are logging in.. this is a new endeavor, to run one year on a trial basis.. and is it worth it.

To accomplish this, I would like to add some code to take the results of any submit (on my login form) and append the results of that to some sort of log file that I can periodically review. Given that the basics are in place this would seem (to me) not that difficult a task. But, I have no idea on how to accomplish this and hope someone can show me.

Thank you for your time and help

Ralph

If it helps, this is the PHP code that I am assuming does the login process.

Code:

/* No user serviceable parts below this point. */

$php_self = $_SERVER['PHP_SELF'];

/* Sanitize variables: we should only be getting $user and $password from the form. */
$submit = $_POST['submit'];
$user = '';
$password = '';
if ($_GET['user']) {
	$user = $_GET['user'];
	$password = $_GET['password'];
}
if ($_POST['user']) {
	$user = $_POST['user'];
	$password = $_POST['password'];
}

session_start();

/* Check login/password pairs until we find one that is correct, or show login form again. */
$loginsuccessful = FALSE;

foreach ($authorization as $loginpair) {
	if (($user == $loginpair[0]) && ($password == $loginpair[1])) {
	  $_SESSION['user'] = $user;
	  $_SESSION['password'] = $password;
		$loginsuccessful = TRUE;
	}
	if (($_SESSION['user'] == $loginpair[0]) && ($_SESSION['password'] == $loginpair[1])) {
		$loginsuccessful = TRUE;
	}
}

if ($loginsuccessful === TRUE) {
  /* User is logged in, go about our merry way. */
	echo $loginmsg;
} else {
  /* User didn't match any of our valid logins, kick them back to the form. */
	$loginmsg = "Invalid username or password.";
	require($indexphp);
	exit;
}

**JShor** · 11-23-2009, 02:13 AM

OK, well, you have numerous ways to do this. The quickest is to write all of the login attempts to a text file called "attempts.txt", which you could view/periodically download and see all of the people who've made attempts at logging in.

The way I made it [of course, format can be changed] is the following:
User: {{username}}
Password: {{password}}
Date/Time: {{date&&time}}

Here's the finished code:

PHP Code:


/* No user serviceable parts below this point. */

$php_self = $_SERVER['PHP_SELF'];

/* Sanitize variables: we should only be getting $user and $password from the form. */
$submit = $_POST['submit'];
$user = '';
$password = '';
if ($_GET['user']) {
    $user = $_GET['user'];
    $password = $_GET['password'];
}
if ($_POST['user']) {
    $user = $_POST['user'];
    $password = $_POST['password'];
}

session_start();

/* Check login/password pairs until we find one that is correct, or show login form again. */
$loginsuccessful = FALSE;

foreach ($authorization as $loginpair) {
    if (($user == $loginpair[0]) && ($password == $loginpair[1])) {
      $_SESSION['user'] = $user;
      $_SESSION['password'] = $password;
        $loginsuccessful = TRUE;
    }
    if (($_SESSION['user'] == $loginpair[0]) && ($_SESSION['password'] == $loginpair[1])) {
        $loginsuccessful = TRUE;
    }
}

if ($loginsuccessful === TRUE) {
  /* User is logged in, go about our merry way. */
    echo $loginmsg;
} else {

$timestamp = date();

  /* User didn't match any of our valid logins, kick them back to the form. */
    $loginmsg = "Invalid username or password.";
        $stringData = "
Username: ".$user."
Password: ".$password."
Date/Time: ".$timestamp.";

$myFile = "attempts.txt"; // name of file
$fh = fopen($myFile, 'a') or die("can't open file"); // open file
fwrite($fh, $stringData); // append to file
fclose($fh); // close file

    require($indexphp);
    exit;
}

Please note that you need to make sure that attempts.txt already exists on the same path of this php script.

HTH

**Ralph2** · 11-26-2009, 05:37 AM

Thank you for your time JShor

A quick cut and paste of your sample code gives me an error message... Parse error: syntax error, unexpected T_STRING.........

Is it possible that my host server has some security features that prevent writing to files in my root folder?

http://hostpapa.com/

I will try again later... up to my ears in other stuff at the moment... and see if I can make your approach work

Ralph

**traq** · 11-26-2009, 05:53 PM

There's a typo in JShor's script.

PHP Code:


//use single-quotes instead of double-quotes:
        $stringData = '
Username: '.$user.'
Password: '.$password.'
Date/Time: '.$timestamp;
// or, remove double-quotes *inside* the string:
        $stringData = "
Username: $user
Password: $password
Date/Time: $timestamp";
}

**Ralph2** · 11-27-2009, 04:14 AM

Thanks..
Is there a problem with this part.. the second line now gives an error message?

$myFile = "attempts.txt"; // name of file
$fh = fopen($myFile, 'a') or die("cant open file"); // open file
fwrite($fh, $stringData); // append to file
fclose($fh); // close file

**traq** · 11-27-2009, 05:21 AM

does the file "attempts.txt" exist in the same directory as this script?

This script does not create a new file, which is why JShor pointed out that the file needs to exist beforehand. Make sure you have upload a blank text file, and that it is in the same directory as this script.

Thread: Want to write results of submit on form to log file

Thread Tools

Search Thread

Want to write results of submit on form to log file

The Following User Says Thank You to JShor For This Useful Post:

The Following User Says Thank You to traq For This Useful Post:

The Following User Says Thank You to traq For This Useful Post:

Bookmarks

Bookmarks

Posting Permissions