Jump to content

php flatfile login

danielandlisa

By danielandlisa
in PHP Coding Help

 Share

Recommended Posts

danielandlisa Newbie

danielandlisa

Posted
Posted

Hi guys, can anybody recommend a tutorial or a short code example for a php flatfile login system that opens the username and password from a text file. Again yes i know mysql is better but this is what i need.

im trying to get this right from a book but just dont get it right it would

be real useful to see a tutorial or short code example for this.

 

                                                              / Lisa

Link to comment
Share on other sites
danielandlisa Newbie

danielandlisa

Posted
  • Author
Posted

i done this but i need to use a text file for the username and password instead and add the right fopen code to open it in the php file i want

to replace the require with fopen to open the username and password from text file. i show the code below but maybe im way off

 

 

password.php

 

<?

# Admin Panel User Name

$uname = "admin";

# Admin Panel Password

$pword = "test";

?>

 

login.php

<?

require ("password.php");

session_start();

if ((!$username) || (!$password)) {

echo '<form name=login method=post action="">

user:<input type=text name=username><br>

pass:<input type=text name=password><br>

<input type=submit value=go>

</form>';

}

else {

if ($username=="$uname")  {

session_register("username");

session_register("password");

echo "user is $uname, and password is $pword

<br> <a href=\"?m=1\" >unreg</a>";

}

else echo "no";

}

if ($m==1) {

session_unregister("username");

session_unregister("password");

}

?>

Link to comment
Share on other sites
premiso Regular Member

premiso

Posted
Posted

session_unregister is not needed.

 

Here is how I would setup the password.php file...

 

<?php
if (!$included) {
    die("You should not be here.");
}

$usernames = array("admin", "user1");
$passwords = array("admin" => "testpassword", "user1" => "testpassword2");
?>

 

Then in your login.php

<?php
$included=true; // set this so it can only be accessed by this script.
require_once("password.php");
session_start();

if (isset($_SESSION['loggedin']) && $_SESSION['loggedin']) {
     echo 'You are already logged in.';
     exit;
}

if (!isset($_POST['username'])) {
echo '<form name=login method=post action="">
user:<input type=text name=username><br>
pass:<input type=text name=password><br>
<input type=submit value=go>
</form>';
}else {
   if (in_array($_POST['username'], $usernames))  {
       if ($passwords[$_POST['username']] == $_POST['password']) {
         $_SESSION['loggedin'] = true;
         $_SESSION['username'] = $_POST['username'];
         echo 'Logged in successfully.';
       }else {
         echo 'Invalid username or password given.';
       }
    }else {
      echo "no";
   }
}
?>

 

Then on your pages you want a user to be logged in add this:

<?php
session_start();
if (!isset($_SESSION['loggedin']) || !$_SESSION['loggedin']) {
     echo 'You must login to view this page <a href="login.php">Login Here</a>';
     exit;
}

// if they get here they are a valid user.
echo 'Welcome ' . $_SESSION['username'] . '. How are you today?';
?>

 

Remember username and password must match exactly CaSe wise with the above code.

Link to comment
Share on other sites
premiso Regular Member

premiso

Posted
Posted

None of this code references a text file, it uses a hardcoded ID/PW.

 

This is securer than using a text file and it does not connect to a DB. Using this method you do not risk the chance of someone snooping your site and grabbing the username/password from a standard text file.

 

And technically .php is a text file, just different extension that hides the code to anyone randomly browsing. And to make it even safer, I would put passwords.php in a directory that is not viewable to the outside world.

Link to comment
Share on other sites
danielandlisa Newbie

danielandlisa

Posted
  • Author
Posted

Thanks alot premiso , nice to see you again. that looks great i just wonder if it would be possible to use a text file for the user names and passwords instead and open it with fopen instead of require from the login page. thats what i been asked to do so it would be great if that can be done

Link to comment
Share on other sites
premiso Regular Member

premiso

Posted
Posted

Thanks alot premiso , nice to see you again. that looks great i just wonder if it would be possible to use a text file for the user names and passwords instead and open it with fopen instead of require from the login page. thats what i been asked to do so it would be great if that can be done

 

mmmk, security issues aside, I would use a hash for the password if this is the case. Here is a revised version:

 

login.php

<?php
session_start();

if (isset($_SESSION['loggedin']) && $_SESSION['loggedin']) {
     echo 'You are already logged in.';
     exit;
}

if (!isset($_POST['username'])) {
echo '<form name=login method=post action="">
user:<input type=text name=username><br>
pass:<input type=text name=password><br>
<input type=submit value=go>
</form>';
}else {
   $data = file('passwords.txt');
   foreach ($data as $line) {
         list($user, $pass) = split("|", $pass);
         if ($user == $_POST['username'] && $pass == md5($pass)) {
             $_SESSION['loggedin'] = true;
             $_SESSION['username'] = $_POST['username'];
             echo 'Logged in successfully.';
             exit;
        }
   }
   
   echo 'Bad username or password provided';
}
?>

 

The username/password file can be auto-generated using this: (remove it after the initial use.)

generateInitial.php

<?php
$fh = fopen('password.txt', 'a');
$data = "admin|" . md5("test") . "\n";
fwrite($fh, $data);
fclose($fh);
?>

 

Use that to add any other users you want to the file.

Link to comment
Share on other sites
premiso Regular Member

premiso

Posted
Posted

thanks alot premiso  youre the man it seems to work.  if i want to add more users do i just add more lines in $data = "admin|" . md5("test") . "\n"; ?

again i really apreciate your help

 

Add more lines or just replace that line with the new variables.

Link to comment
Share on other sites
revraz Member

revraz

Posted
Posted

The question sounded kinda specific is which is why I asked.  But to me, it also sounds like an Assignment for school or something else.  If this is the case, you should of really learned how to do this yourself instead of getting someone else to code it all for you.

Link to comment
Share on other sites
premiso Regular Member

premiso

Posted
Posted

this not a assignment its for work. premiso i got a problem with the script it dont seem to work when i login it lets me login no matter what i put in the login box

 

Just remember if you logged in once, you are valid until you close the browser since you do not have a logout function. You will need to kill the session data to be "logged out" again.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.