Jump to content

Creating authentication system from scratch


stickynote427

Recommended Posts

I'm trying to create an authentication system from scratch. I want to be able to edit the content of my Web site's home page without having to log in through my host's cPanel deal, navigate through cPanel, and navigate through a couple directories just to edit a single file.

 

I know I can use .htaccess, but I was wondering if I could use an HTML-PHP form to authenticate myself to gain access to something.

 

Here is my from-scratch authentication form.

 

<?php

//the correct username
$un="username";
//the correct password
$pw="password";

//if the form has been submitted...
if (isset($_POST['submitBtn'])) {

//if the username is incorrect...
if ($_POST['username']!=$un) {
//echo text
echo("The username was incorrect. Click <a href=".$_SERVER['PHP_SELF']."?page=someLoginPage />here</a> to try again.");
}
//otherwise, if the password is incorrect...
else if ($_POST['password']!=$pw) {
//echo text
echo("The password was incorrect. Click <a href=".$_SERVER['PHP_SELF']."?page=someLoginPage />here</a> to try again.");
}
//otherwise, the username and password ARE correct
else {
//Do stuff here, such as:
echo("The username and password were correct.");
}

}

//if the form has not been submitted, display the form
else {

?>

<table align="center" style="color: white;">

<form name="authForm" method="POST" action="<?=$_SERVER['PHP_SELF']?>?page=someLoginPage">

<tr><td align="right">Username:</td><td><input type="text" name="username" /></td></tr>
<tr><td align="right">Password:</td><td><input type="password" name="password" /></td></tr>
<tr><td colspan=2 align="center"><input type="submit" name="submitBtn" value="Log In" /></td></tr>

</form>

</table>

<?php } ?>

 

Seems to work fine. Of course instead of making some text appear when I log in, I will create something that will allow me to edit and save my Web site's home page from there.

 

Is this method secure? None of the PHP code obviously shows up when I view the page's source code, so I don't see how someone would be able to figure out the username and password (which I will also change).

 

Thanks,

stickynot427

@James: If that could be a faster way to log in to cPanel, that's not what I'm looking for, but thanks.

 

@ozone: Can you explain a little bit more? Are you talking about the PHP chmod function; how should I use it, and what is this "644"?

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.