Guestbook, log in system

[kirk2010]

Hi, I've only just started to learn PHP, I've been working on a guestbook for about 7 hours now with little progress.

 

I have a page to update the messages.

I have a register page - you enter your User Name and Password, and it gets stored in a text file.

I also have a login page.

 

I'm attempting to grab data from my registered users text file, and match them up on the log in page.

I'm not after a sophisticated system, just simply getting the data from a text file and seeing if the username and password match to enable the user to log in.

 

Any help is appreciated, I've attached everything I have.

 

[attachment deleted by admin]

[kirk2010]

No help at all?  ???

 

If you need any more information just ask.

[waterssaz]

Hi,

I have wrote many login systems before but have never used your method of getting user info (e.g the text file).  If you would consider using a database then here is a great tutorial for you to follow which should get you up and running in no time

http://www.evolt.org/article/PHP_Login_Script_with_Remember_Me_Feature/17/60265/index.html

Hope this helps and feel free to ask any more questions :-)

[kirk2010]

Thanks for your reply. The post is useful, and I'll be referring to it in my next project, no doubt.

 

As I've only just started PHP, our lecturer isn't expecting too much.

I know not using a database isn't the norm, which is why I'm getting my data from a text file.

 

I'm after an If statement that connects the log in page with the register.txt file.

 

If word 1 matches username + word 2 matches password, allow log in.

 

Have you looked at my files? It may give you an insight into what I'm trying to achieve.

 

Thanks again for the help.

 

[waterssaz]

Yeah, I can see exactly what you're trying to acheive. But sorry don't think I'd be much help.

I've never had to verify user info against a text file so I'm not sure of the process.

From a quick google

this may help

http://www.devshed.com/c/a/PHP/Private-Pages-with-PHP-and-Text-Files/

[Yesideez]

Using a file for the database is certainly possible but might not be the best route.

 

Most now use a MySQL database - much more versatile and you don't have to "parse" the file before handling the contents.

[kirk2010]

I realise this may seem like a strange request, but the file I'm creating is not for public use, it's just to get me stuck into PHP for the first time.

You say that it is possible, how would I go about doing it?

[waterssaz]

did ypu not check out my link? I thought this was waht you are trying to acheiev. No?

[Yesideez]

btw, if wanting to post code into the post (which is much better and safer for everyone than using ZIP files you can paste your code into your post but please remember to surround it with the magic [code] and [/code] tags. It will look like this...

<?php
  for ($i=0;$i<10;$i++) {
    echo $i.'*2='.$i*2.'<br />';
  }
?>

 

If you want to use files you'll need to look here: http://uk3.php.net/file

 

That's just the one file() command but the list of file related comands are down the left.

 

You'll need to know how to open a file, acces it and close it again - basic terms.

[Yesideez]

Open files: http://uk3.php.net/manual/en/function.fopen.php

 

Read from a file: http://uk3.php.net/manual/en/function.fgets.php

 

Write to a file: http://uk3.php.net/manual/en/function.fwrite.php

 

Close a file: http://uk3.php.net/manual/en/function.fclose.php

 

There are many other file acessing functions but those a the basic ones.

[kirk2010]

Thanks for the second link waterssaz. That is what I'm trying to achieve.

 

Though my file to read from will have many different usernames and passwords, how do I differentiate between each username and password combo?

 

This is my login page currently, you're only able to log in if you enter the 'testuser' '123456' combo.

 
<?php
$username=$_POST['name'];
$password=$_POST['password'];

if($username=="testuser" && $password=="123456")

{
$_SESSION['user']=$username;
echo "Well done you have logged in as ".$_SESSION['user'];
echo "<br/><a href='guestbook.php'>Click here to go to the homepage</a> ";
echo ('<meta http-equiv="Refresh" content="3;url=guestbook.php" />');

}else{

echo "<br/><a href='loginpage.php'>Click here to go to back and try again</a>";
}
?>

 

My register process page is this:

 

$username=$_POST['name'];
$password=$_POST['password'];

$data = "$username | $password \n";


{

$file = "registerdetails.txt";   
if (!$file_handle = fopen($file,"a+")) 
{ 
echo "Cannot open file"; 
}  
if (!fwrite($file_handle,($data)))
{ 
echo "Cannot write to file"; 
}     
fclose($file_handle);  
echo ('<br /><br /><center><div style="background:#ffffff url(ok.jpg) no-repeat left;">You have successfuly registered.<br />Please log in.</div></center>');
echo ('<meta http-equiv="Refresh" content="2;url=loginpage.php" />');

 

The data is being recorded in my txt file after it has been entered to the register page, I need to use this data to log in.

 

Thanks all for the help, the links are helping

 

[Yesideez]

Differentiate?

You could store them like this:

username|password
myname|mypass

 

You'd use the explode() function to convert them into an array like this:

$userinfo=explode('|',$data)

Where $data is the line containing the user's details - $userinfo would now be an array:

$userinfo[0] is the username

$userinfo[1] is the password

[Yesideez]

btw, you'd have to prevent the user from having the bar symbol (|) in their username and password otherwise this would really throw your code.

[kirk2010]

Yeah I've tried to use the explode function before.

 

I'm just not sure where to place the code, and on which page.

 

Sorry for my newbieness.

 

I tried adding

 $userinfo=explode('|',$data) 

in my register process, and I just got a parse error, saying I have an unnecessary '{'    when in fact it was necessary before I entered that line.

[Yesideez]

If you're wanting it in your login script change this line:

$data = $username.'|'.$password";

 

Then you can load your password file using this:

$data=file("registerdetails.txt");

That reads the entire password file into $data as an array, each line being an element:

$data[0] = line 1

$data[1] = line 2

and so-on...

 

Then you'd need a loop to run through and check if the username and password matches.

 

You wouldn't need explode() this way but | would still have to be prevented from being used by the user.

 

(have to go and collect wife from work)

[kirk2010]

Thanks for trying to help, but I don't even know how to create a loop, giving myself 30minutes before I give up.

 

Php is so frustrating.

[VBAssassin]

Wew! I wasn't expecting all that code and all those files! lmao.

 

Since your going to be working with text files for data, you should get very familiar with serialize and unserialize. Can save a lot of manual parsing.

 

Here is how you should layout your guest book:

 

libs/functions.php - stores all your main functions

content/guest_book.php

database/index.php

database/users/username-password.php

database/posts/posts.php

 

You will have to create users manually at the moment by just creating a new file in the format username-password.txt which is more efficient than saving those two details in the file itself (else all the files need to be opened to check for users and duplicate usernames etc).

 

use file_get_contents() and file_put_contents() if you are using PHP5 (much easier than fopen, etc).

 

When a user posts a message in the guest book ask for there username and password with their message. If the username and password file exists, then they are ok to post... then simply add the message on the end of posts.php

 

To view the posts, just use get_file_contents() on the posts.php file.

 

Make sure you put an index.php file in the database/users/ folder to prevent people seeing a directory listing of the users folder and seeing everyones username and password.

 

Anyway... gota get back to work now... this distributed PHP framework is a pain.

 

Kind regards,

Scott

 

P.S. Here is an example of a simply page hit counter that uses the file system to save the total hits, instead of a database: http://www.coderprofile.com/networks/source-codes/328/simple-hit-counter-v13

 

[Yesideez]

Stick with it - it's so rewarding when you finish something!

 

Here's one syntax for a basic loop structure using for():

for (var;condition;increment) {
  code;
}

 

So in your case, after using file() to read your password file into $data...

$datacount=count($data);
for ($i=0;$i<$datacount;$i++) {
  //check the password here
}

 

That's a crude way to do it but for now it gives you the idea.

 

$i is our index variable we're using in our loop as the counter. $datacount is the number of lines in your password file, $i++ means increment by 1.