Jump to content

Login Form


gixxx

Recommended Posts

Hi guys,

 

I'm currently in the process of creating a login form. I'm using PHP to check a simple text file called 'users.txt' for the username and password which has been entered in the form.

 

If the username and password are NOT in the 'users.txt' file, it will create them on a new line.

Like so:

 

Users.txt

ExampleUser,ExamplePass\n
Marc,password
Craig,password
John,password

 

Once I try to log into an account which is NOT there, it will create an account underneath. So if I try to log in with username as "Matthew" and password as "password" it will show like so:

 

ExampleUser,ExamplePass\n
Marc,password
Craig,password
John,password
Matthew,password

 

Hoping this makes sense so far, all of the above works.

However when I click back, to go back onto the login form, I try to log in with one of the usernames/passwords in the 'users.txt' file, and it will create the exact same user on a new line, so I have 2 of the same usernames/passwords.

 

What I want it to do it, if the username is in the 'users.txt' file, for it to display a message saying "Congratulations you're logged in".

 

Here is the code for the PHP login page.

 

P4 LoginScriptFile.php

<?php
//This checks for required fields from the form.
if ((!$_POST[username]) || (!$_POST[password]))
{
header("Location: P4 LoginForm.php");
exit;
}

//This reads values from the form.
$form_user = $_POST[username];
$form_password = $_POST[password];

$flag = FALSE;
$filename = "users.txt";
$fp = fopen( $filename, "r" ) or die ("Couldn't open $filename");
while ( ! feof( $fp ) ) {
$line = fgets( $fp);
$user = strtok($line, ","); //Username
$password = strtok(","); //Password
if (($form_user == $user) && ($form_password == $password)) 
{
$flag = TRUE;
}
}

if ($flag)
{
echo "<br>Congratulations, you're logged in";
}

else{
$filename = "users.txt";
$updateuser = $_POST ['username'];
$updatepass = $_POST ['password'];

$fp = fopen( $filename, "a" ) or die("Couldn't open $filename");
fwrite( $fp, "$updateuser,$updatepass\n") or die ("Couldn't write values to your file!");
fclose( $fp );
echo "<br>An account has been created for you!";
}
?>

 

I think what I need is to read the file once the new user has been created. Any help would be greatly appreciated.

Thanks in advance for any help.

gixxx

Link to comment
Share on other sites

Use strcmp instead of ==

 

if (strcmp($form_user, $user) && strcmp($form_password, $password)) 

 

And use $_POST['password'] instead of $_POST[password], $_POST['username'] instead of $_POST[username]

Link to comment
Share on other sites

Using a database to store username/password combinations is the most common way to do what you are trying to do. I have to ask why exactly you aren't using some sort of database software.

 

the reason strcmp always returns true, is because it returns <0 number when the first argument is shorter than the second, and >0 if the second argument is shorter than the first (and 0 if they are equal) Assuming you are entering a sername and password combo that doesn't exist in the database, it will always be true because non 0 integers convert to boolean true.

 

see strcomp: http://php.net/manual/en/function.strcmp.php

boolean casting: http://www.php.net/manual/en/language.types.boolean.php#language.types.boolean.casting

Link to comment
Share on other sites

Yes... my bad! Sorry about that. As mikesta707 pointed out, you will have to note the return values, but I believe it would still work if you compared them correctly. Anyway, I think it would be more secure and efficient to store the username and a hash of the password in a database.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.