Advanced Search

Results 1 to 5 of 5

Thread: Flatfile Login

  1. #1
    Join Date
    Aug 2011
    Location
    Rep Of Ireland
    Posts
    126
    Thanks
    24
    Thanked 3 Times in 1 Post

    Default Flatfile Login

    I require a very lightweight login and password facility for about 5 people to gain access to a back office web page with relevant information for them. I have found this flat file example code at http://www.ehow.com/how_6587681_crea...using-php.html. There seems to be something with this ("myfile.txt\",\"r\") causing a break in the code at about line 6.

    Assuming that the processor code can be fixed I should progress as follows :
    1. Set up a myfile.txt to record the required Usernames and Passwords
    2. Set up login.html to position the login form. Should this be saved with a .php extension?
    3. Set up the form handler processor.php

    Any guidance greatly appreciated.

    PHP Code:
    <?php
    function CheckLogin($uid,$pw)
    {
    // set the login variable to false
    $valid=false
    // open the flat file and set it to the beginning 
    $f fopen ("myfile.txt\",\"r\")
    rewind(
    $pfile)
    // check all lines in flat file database
    while (!feof(
    $f)) 
    {
    // get the data from a single line
    $line = fgets($f)
    // assign the user name and password to an array variable
    $log = explode(',', $line)
    // check the user name against the current line in the flat file
    if (
    $log[0] == $uid
    {
    // the user exists so check the password
    if (log[1] == 
    $pw){
    // the password is valid so set the login variable to true
    $valid=true
    }
    }
    }
    // if the login variable is true then return true, otherwise return false
    if(
    $valid=true){
    return=true
    }else{
    return=false
    }
    }
    ?>

    <?php
    // call the check login function with the fields entered into the login form
    if(!CheckLogin(
    $_POST['username'],$_POST=['password'])
    {
    // the login is false so redirect the user to the login page
    header('Location: login.php')
    // the login information is correct so load the page and end the PHP script
    }else{
    ?>

    HTML Code:
    <form name="formname" method="post" action="processor.php">
    <br /><br /> 
    Username :<input type="text" name="username">
    <br /><br />
    Password :<input type="text" name="password"><br /><br />
    <input type="submit" name="Submit" value="Submit">
    </form>

  2. #2
    Join Date
    Mar 2006
    Location
    Illinois, USA
    Posts
    12,156
    Thanks
    262
    Thanked 690 Times in 678 Posts

    Default

    If you're going to do it this way on a small scale, I suggest just writing an array of usernames and passwords directly into your PHP file. Something like this:

    PHP Code:
    <?php
    $logins 
    = array(
    'user1' => 'pass1',
    'user2' => 'pass2',
    'user3' => 'pass3',
    'user4' => 'pass4',
    'user5' => 'pass5'
    );


    $user strtolower($_POST['user']); //probably best to check that it was submitted also
    $pass $_POST['pass']; //probably best to check that it was submitted also

    if (isset($logins[$user])&&$logins[$user]==$pass)) {
       echo 
    'Log in!'//they're logged in -- save it in a session variable or something
    }
    Daniel - Freelance Web Design | <?php?> | <html>| espa˝ol | Deutsch | italiano | portuguŕs | catalÓ | un peu de franšais | some knowledge of several other languages: I can sometimes help translate here on DD | Linguistics Forum

  3. #3
    Join Date
    May 2012
    Location
    Hitchhiking the Galaxy
    Posts
    1,013
    Thanks
    47
    Thanked 139 Times in 139 Posts
    Blog Entries
    1

    Default

    As far as I can see, the issue with openin the code is that you're escaping all the quotes except the first one, so the statement doesn't end properly. It should be:
    PHP Code:
    $f fopen (\"myfile.txt\",\"r\") 
    Out of curiosity, why are you escaping all the quotes?

    As to number 2 in what you should do, if login.html is just a form, with no php, there is no particular reason to name it .php

    As Daniel said before however, it would probably be better to use an array or some such, as it is only for 5 people.
    "Most good programmers do programming not because they expect to get paid or get adulation by the public, but because it is fun to program." - Linus Torvalds
    Anime Views Forums
    Bernie

  4. #4
    Join Date
    Aug 2011
    Location
    Rep Of Ireland
    Posts
    126
    Thanks
    24
    Thanked 3 Times in 1 Post

    Default

    Yes, that will get me Logged into a backend page.

    PHP Code:
    if (isset($logins[$user])&&$logins[$user]==$pass
    header('Location:Backend_page.html'
    Not sure if I have done that correct but it does present the required Backend_page.

    Just need some processing to control blank and incorrect login sends!

  5. #5
    Join Date
    Mar 2006
    Location
    Illinois, USA
    Posts
    12,156
    Thanks
    262
    Thanked 690 Times in 678 Posts

    Default

    Using a redirect is very insecure-- if anyone finds the direct link, it provides no protection at all. You'd need some code like this:

    PHP Code:
     <?php
    session_start
    (); //we'll use sessions to keep track of the logins

    $logins = array(
    'user1' => 'pass1',
    'user2' => 'pass2',
    'user3' => 'pass3',
    'user4' => 'pass4',
    'user5' => 'pass5'
    );


    $user strtolower($_POST['user']); //probably best to check that it was submitted also
    $pass $_POST['pass']; //probably best to check that it was submitted also

    if (isset($logins[$user])&&$logins[$user]==$pass)) {
        
    $_SESSION['username'] = $user;


    if (!isset(
    $_SESSION['username'])) {
        exit(
    'Access denied.'); //and redirect to login form as required
        //or just display the login form now; that's simple-- show login if not logged in, otherwise don't
        //and whatever you do, end it with exit; -- that'll stop anything else from happening
    }

    //ok, now the rest of this part is safe
    Daniel - Freelance Web Design | <?php?> | <html>| espa˝ol | Deutsch | italiano | portuguŕs | catalÓ | un peu de franšais | some knowledge of several other languages: I can sometimes help translate here on DD | Linguistics Forum

Similar Threads

  1. edit flatfile does this work
    By kimboslice in forum PHP
    Replies: 0
    Last Post: 03-19-2010, 03:06 PM
  2. ASP login help
    By sacssr in forum Looking for such a script or service
    Replies: 1
    Last Post: 02-09-2010, 03:54 PM
  3. login in php
    By ff123 in forum PHP
    Replies: 7
    Last Post: 04-19-2009, 02:51 PM
  4. Login Help
    By eXceed69 in forum HTML
    Replies: 1
    Last Post: 02-23-2007, 10:34 AM
  5. PHP Login Help
    By wyclef in forum PHP
    Replies: 13
    Last Post: 01-22-2006, 02:24 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •