Jump to content

Issue with PHP login & registration form without using a database


Pocket

Recommended Posts

Could anyone help me making a login function that checks the txt document if user and pw exists/are correct? -and if they are, sends you to a logged in page. This is for a assignment which is why I have to store the information in a text document, I know it's unsafe. Also i know i should use $_Sessions but I'm not sure how to use it and where to put it.

So far I have created the form which has 2 buttons one for registering and one for logging in. I have also created the registration function which checks the text file if the username already exists if not it will register it.

 

<html lang="eng">
<head>

    <link rel="stylesheet" href="style.css">
    <title>name</title>

</head>

<body>


<div class="formdiv">

    <h2>Log in or register</h2>

    <form action="" method="post">

        <p>Username<p style="color:black">*</p> <input type="text" name="user" placeholder="Type in your username" required>
        <p>Password<p style="color:black">*</p> <input type="password" name="pw" placeholder="Type in your password" required>

        <?php

        if (isset($_POST['saveBtn'])){
            $username  = $_POST['user'];
            $password = $_POST['pw'];

            $error = register($username);

            if ($error == '') {
                echo "User: $username has been registered!<br/>";

            }
            else echo $error;

        }
        ?>

        <input type="submit" name="saveBtn" value="Save new user">
        <input type="submit" name="loginBtn" value="Login">


    </form>
</div>


<?php // Registration

function register($user){

    $textError = '';

    // Check and see if user exists
    $UserPassTxt = fopen("userpwd.txt","a+"); // Opens text doc
    rewind($UserPassTxt);

    while (!feof($UserPassTxt)) {
        $line = fgets($UserPassTxt);
        $tmp = explode(':', $line);
        if ($tmp[0] == $user) {
            $textError = "Username already exists!";
            break;
        }
    }

    if ($textError == ''){
        $hash = password_hash('', PASSWORD_DEFAULT);

        fwrite($UserPassTxt, "\n$user: $hash");
    }

    fclose($UserPassTxt); // Closes txt doc

    return $textError;

}

?>

<?php //Login

function login($user, $pass){


}

?>




</body>


///here's my best attempt at the function

<?php //Login

$error = '0';

if (isset($_POST['loginBtn'])){

    $username = $_POST['user'];
    $password = $_POST['pw'];

    $error = login($username,$password);
}


function login($user, $pass){
    $errorText = '';
    $validUser = false;

    $UserPassTxt = fopen("userpwd.txt","r");
    rewind($UserPassTxt);

    while (!feof($UserPassTxt)) {
        $line = fgets($UserPassTxt);
        $tmp = explode(':', $line);
            if ($tmp[0] == $user) {

            if (trim($tmp[1]) == trim(password_hash('', PASSWORD_DEFAULT))){
                $validUser= true;
                $_SESSION['user'] = $user;
            }
            break;
        }
    }
    fclose($UserPassTxt);

    if ($validUser != true) $errorText = "Not correct username or password";

if ($validUser == true) $_SESSION['validUser'] = true;
    else $_SESSION['validUser'] = false;

return $errorText;
}

function logoutUser(){
unset($_SESSION['validUser']);
unset($_SESSION['user']);
}

function checkUser(){
if ((!isset($_SESSION['validUser'])) || ($_SESSION['validUser'] != true)){
    header('Location: index.php');
}
}

?>

 

Link to comment
Share on other sites

You didn't describe the problem, but I would expect it has something to do with logging in never working. Because of passwords.

register() needs to stored the (hashed) password in the user file. It's currently storing the hash of an empty string.
Then login() needs to use password_verify to check the inputted password against the hash.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.