Universal Password Verification

[Kathy]

I am working on a php site, fairly new at everything and I've added a password text box and I need to apply code to the script which will allow users to all enter the same password, for example let's say the password is "apple", everybody should enter apple into the password textbox, no other password. What code do I use??

[thebadbad]

If you're POSTing the data, and call the input field password;

 

<?php
if ($_POST['password'] == 'apple') {
//gain access
}
?>

Is that what you're trying to do? If you want to hide the actual password in the script, you can hash it with md5() and compare the hash with md5($_POST['password'])

[Kathy]

Thanks, that helps! but nothing happens, and that's my problem, that's how I'm struggling to move on. After entering anything into the password text box. nothing happens, no error comes up saying it's the wrong password or the page won't redirect to the next page if it is the right password?

[GingerRobot]

By 'nothing happens', do you mean you get a blank screen? If so, i expect there are errors and you need to display them. You can do this by adding these two lines to the top of your script:

 

error_reporting(E_ALL);
ini_set('display_errors','On');

 

Otherwise, we're going to need to see your actual code.

[Kathy]

By nothing I mean, after typing in anything, like g in the password text box, where you are meant to type apple, and f in the email text box, the boxes will clear themselves and it's almost like the page, just reloads itself?

No error's come up and no redirecting takes place 

 

Here is my code:

<?

//submit form

$action = $_POST["Submit"];

 

if ($action == 'Send')

 

$email = $_POST["initials"];

 

//check for password

if ($_POST['password'] == 'ivif09/107') {

//gain access

}

 

 

//funciton to validate and email address

if (empty($_POST['email']))

{

$errors[] = 'Please enter an e-mail';

}

else if (!eregi("^[_a-z0-9-]+(.[_a-z0-9-]+)*@[a-z0-9-]+(.[a-z0-9-]+)*(.[a-z]{2,3})$", $_POST['email']))

{

$errors[] = 'Please enter a valid e-mail address';

}

 

//insert your code that will be executed when user enters the correct answer

$email = $_POST['email'];

$password = $_POST['password'];

$exhibitor_manual = $_POST['exhibitor_manual'];

$furniture_catalogue = $_POST['furniture_catalogue'];

$order_form_xl = $_POST['order_form_xl'];

$order_form_pdf = $_POST['order_form_pdf'];

$buyers_guide = $_POST['buyers_guide'];

$floor_plan = $_POST['floor_plan'];

 

if (($email <> '') && ($password <> '')){

$add_email = "Select email from login";

  $added = mysql_query($add_email);

  echo mysql_error();

 

  $add_email = "Insert into contact_details(email) ";

  $add_email .= "value('$email')";

  $enter_email = mysql_query($add_email);

  echo mysql_error();

 

    header("Location: http://www.redirect");

//

$msgheading = "Exhibitor Login";

$msg .= "email = " . $email . "\n\r";

$msg .= "password = " . $password . "\n\r";

$msg .= "exhibitor_manual = " . $exhibitor_manual . "\n\r";

$msg .= "furniture_catalogue = " . $furniture_catalogue . "\n\r";

$msg .= "order_form_xl = " . $order_form_xl . "\n\r";

$msg .= "order_form_pdf = " . $oder_form_pdf . "\n\r";

$msg .= "buyers_guide = " . buyers_guide . "\n\r";

$msg .= "floor_plan = " . floor_plan . "\n\r";

 

$sendto = "[email protected]";

 

mail($sendto , $msgheading , $msg , "From: Website");

 

echo "<script language='Javascript'>alert ('Thank you for your query, you will be redirected to the download page')</script>";

}

?>

[thebadbad]

And you HTML form code?