Jump to content

multiple logins ?

foevah

By foevah
in PHP Coding Help

 Share

Recommended Posts

foevah Member

foevah

Posted
Posted
Hi im trying to build a blog using a site this forum recommends but im having difficulty getting accurate results

Heres a link to the blog tutorial im questioning
[url=http://codegrrl.com/!/tutorials/view/part_4_passwording_individual_entries/]passwording individual entries tutorial[/url]

It says add this to the individual entry page which can be viewed [url=http://www.webdesignhull.lincoln.ac.uk/jecgardner/mpr/display_blog.php]here[/url]
$my_username = "USERNAME";
$my_password = "PASSWORD";

the username and password is currently test:test

I was wondering how can I add multiple logins and passwords? would it look something like this:
$my_username2 = "HARRY";
$my_password2 = "HAR";
$my_username3 = "LARRY";
$my_password3 = "LAR";

Then further down the script theres this:

if ($password == 1) {
        if (isset($_POST['username']) && $_POST['username'] == $my_username) {
            if (isset($_POST['pass']) && $_POST['pass'] == $my_password) {
                ?>

                <p><strong><?php echo $title; ?></strong><br /><br />
                <?php echo $entry; ?><br /><br />
                Posted on <?php echo $date; ?></p>

                <?php
            }
            else { ?>
                <p>Sorry, wrong password.</p>

I pasted this code again and changed password == 1 to password == 2 hoping it would work with the new usernames and passwords I made..

Please can someone tell me what im doing wrong!?

Also when you enter the wrong password in it doesnt say Sorry, wrong password.. Why is this???

Please help!!
Link to comment
Share on other sites
roopurt18 Advanced Member

roopurt18

Posted
Posted
Usernames and passwords should be stored inside a database.  You should be using the username and password from the submitted form to look up the corresponding row in the database table.  If found, the user exists and if not found, the user does not exist.
Link to comment
Share on other sites
foevah Member

foevah

Posted
  • Author
Posted
The tutorial hasnt told me to store usernames and passwords in a database it just said add it to the individual entry page.

I added
$my_username = "USERNAME";
$my_password = "PASSWORD";
I changed the username to test and password to test
this works fine which you can see [url=http://www.webdesignhull.lincoln.ac.uk/jecgardner/mpr/display_blog.php]here[/url]

I can password an entry but I was wondering can I add more then one username to this?

click [url=http://www.webdesignhull.lincoln.ac.uk/jecgardner/mpr/blog_entry_form.php]here[/url] to see the submit form

Any ideas why it doesnt say sorry password is wrong??
Link to comment
Share on other sites
Skatecrazy1 Member

Skatecrazy1

Posted
Posted
this is really an inefficient and unsecure way to go about an authentication script

use a database, trust me you'll enjoy it much more

all you have to do is query up a row that matches your user's user and pass input
if one exists, then the user is authenticated
if one doesn't then the user isn't
Link to comment
Share on other sites
alpine Member

alpine

Posted
Posted
By putting username/password in an array you can have several login profiles. Many ways to actually accomplish this, here is one example:

[code]

<?php

$data = array("Harry"=>"7467hg","John"=>"84748hfd","Alice"=>"83rswg77");
$valid = 0;

foreach($data as $user => $pass)
{
  if($user == $_POST['username'] && $pass == $_POST['password'])
  {
    // We have a match
    $valid = 1;
    break;
  }
}

if($valid == 1)
{
  // user stuff
}
else
{
  // No match in login
}

?>

[/code]

Regarding separate error messages based on match or not in the individual password/usernames this is a matter of checking each element along the way.
See if you can get one step further with what u got and come back with new code if you run into problems.
Link to comment
Share on other sites
.josh Advanced Member

.josh

Posted
Posted
okay so i went to the tutorial link you provided and they have user/pass authentication using a database.  If you had followed the tutorial all you would have had to do is add more rows to your database table with usernames/passwords and the script would automatically be multi-user compatible.  Frankly, I have no idea where you got the code you provided in the OP, as it only seems to partially match the code from the tutorial.  It looks like you decided to skip the database name/pw check part and add hardcoded variables into your script instead.  if you REALLY wanna do it that way, then see alpine's post.
Link to comment
Share on other sites
foevah Member

foevah

Posted
  • Author
Posted
[quote author=Crayon Violent link=topic=113954.msg463512#msg463512 date=1162800071]
okay so i went to the tutorial link you provided and they have user/pass authentication using a database.  If you had followed the tutorial all you would have had to do is add more rows to your database table with usernames/passwords and the script would automatically be multi-user compatible.
[/quote]

Ive been following the tutorials closely. What tutorials does it explain how to add more rows to my database with usernames/passwords? I havent gone much further then part 4 of the tutorials because im wondering why I can only get one user name and password to work.
[url=http://codegrrl.com/!/tutorials/view/part_4_passwording_individual_entries/]click here to view part 4[/url]

Ok i added the code alpine posted to my journal.php page and nothing worked.. I then saved it as a seperate page called userpass.php with just this code in below and it didnt respond to the journal.php [url=http://www.webdesignhull.lincoln.ac.uk/jecgardner/mpr/display_blog.php]CLICK HERE TO SEE THE PAGE[/url]

[quote author=alpine link=topic=113954.msg463495#msg463495 date=1162796419]
[code]
<?php

$data = array("Harry"=>"7467hg","John"=>"84748hfd","Alice"=>"83rswg77");
$valid = 0;

foreach($data as $user => $pass)
{
  if($user == $_POST['username'] && $pass == $_POST['password'])
  {
    // We have a match
    $valid = 1;
    break;
  }
}

if($valid == 1)
{
  // user stuff
}
else
{
  // No match in login
}

?>

[/code]
[/quote]

Im still a bit lost please help to make things clearer!
Link to comment
Share on other sites
foevah Member

foevah

Posted
  • Author
Posted
[quote author=roopurt18 link=topic=113954.msg463447#msg463447 date=1162782115]
Usernames and passwords should be stored inside a database.  You should be using the username and password from the submitted form to look up the corresponding row in the database table.  If found, the user exists and if not found, the user does not exist.
[/quote]

Id like to do what rooport18 said. My database is stored on [url=http://www.webdesignhull.lincoln.ac.uk/jecgardner/mpr/php_blog.php]php_blog.php[/url] and the code for this page looks like this:

[code]<?php

mysql_connect ('localhost', 'username', 'password') ;
mysql_select_db ('username');

$sql = "CREATE TABLE php_blog (
  id int(20) NOT NULL auto_increment,
  timestamp int(20) NOT NULL,
  title varchar(255) NOT NULL,
  entry longtext NOT NULL,
  PRIMARY KEY  (id),
  UNIQUE KEY id (id)
)";

$result = mysql_query($sql) or print ("Can't create the table 'php_blog' in the database.<br />" . $sql . "<br />" . mysql_error());


if ($result != false) {
    echo "Table 'php_blog' was successfully created.";
}

mysql_close();
?>
[/code]

Do I need to add a username and password field to that table?
Or do I make a new table just for username and password?


[url=http://www.webdesignhull.lincoln.ac.uk/jecgardner/mpr/blog_entry_form.php]Heres a link to the submit form[/url] and heres the code:
[code]
<?php

$current_month = date("F");
$current_date = date("d");
$current_year = date("Y");
$current_time = date("H:i");


if (isset($_POST['submit'])) {

    $month = htmlspecialchars(strip_tags($_POST['month']));
    $date = htmlspecialchars(strip_tags($_POST['date']));
    $year = htmlspecialchars(strip_tags($_POST['year']));
    $time = htmlspecialchars(strip_tags($_POST['time']));
    $title = htmlspecialchars(strip_tags($_POST['title']));
    $entry = $_POST['entry'];
    $password = htmlspecialchars(strip_tags($_POST['password']));

    $timestamp = strtotime($month . " " . $date . " " . $year . " " . $time);

    $entry = nl2br($entry);

    if (!get_magic_quotes_gpc()) {
        $title = addslashes($title);
        $entry = addslashes($entry);
    }

mysql_connect ('localhost', 'username', 'password') ;
mysql_select_db ('username');

    $sql = "INSERT INTO php_blog (timestamp,title,entry,password) VALUES ('$timestamp','$title','$entry','$password')";

    $result = mysql_query($sql) or print("Can't insert into table php_blog.<br />" . $sql . "<br />" . mysql_error());

    if ($result != false) {
        print "Your entry has successfully been entered into the database.";
    }

    mysql_close();
}
?>

<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">

<p><strong><label for="month">Date (month, day, year):</label></strong>

<select name="month" id="month">
<option value="<?php echo $current_month; ?>"><?php echo $current_month; ?></option>
<option value="January">January</option>
<option value="February">February</option>
<option value="March">March</option>
<option value="April">April</option>
<option value="May">May</option>
<option value="June">June</option>
<option value="July">July</option>
<option value="August">August</option>
<option value="September">September</option>
<option value="October">October</option>
<option value="November">November</option>
<option value="December">December</option>
</select>

<input type="text" name="date" id="date" size="2" value="<?php echo $current_date; ?>" />

<select name="year" id="year">
<option value="<?php echo $current_year; ?>"><?php echo $current_year; ?></option>
<option value="2004">2004</option>
<option value="2005">2005</option>
<option value="2006">2006</option>
<option value="2007">2007</option>
<option value="2008">2008</option>
<option value="2009">2008</option>
<option value="2010">2010</option>
</select>

<strong><label for="time">Time:</label></strong> <input type="text" name="time" id="time" size="5" value="<?php echo $current_time; ?>" /></p>

<p><strong><label for="title">Title:</label></strong> <input type="text" name="title" name="title" size="40" /></p>

<p><strong><label for="password">Password protect?</label></strong> <input type="checkbox" name="password" id="password" value="1" /></p>
<p><textarea cols="80" rows="20" name="entry" id="entry"></textarea></p>

<p><input type="submit" name="submit" id="submit" value="Submit"></p>

</form>[/code]


I fixed this problem..

[quote author=foevah link=topic=113954.msg463449#msg463449 date=1162783725]Any ideas why it doesnt say sorry password is wrong??[/quote]
Link to comment
Share on other sites
foevah Member

foevah

Posted
  • Author
Posted
I found this tutorial and ive succussfully been able to work the script
[url=http://www.free2code.net/plugins/articles/read.php?id=99]http://www.free2code.net/plugins/articles/read.php?id=99[/url]

[url=http://www.webdesignhull.lincoln.ac.uk/jecgardner/user_db/register.php]Click here to see my attempt at this script[/url]

You can register successfully and [url=http://www.webdesignhull.lincoln.ac.uk/jecgardner/user_db/login.php]login here[/url] successfully.

The register is a form for adding usernames with passwords to the database. Ive connected to the database in dreamweaver using the MySQL Connection. I just need to figure out how this can be used with the blog im doing lol
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.