Simple PHP Question

[PHP_Genius1877]

Hello everyone! I am a new user and I have a simple question. How do I set a password for a user to log in to my site with PHP? I have no MySQL database just a iOS code/host app. I know this isn’t secure but only me and my friends are on the site. Any help is appreciated. 

[Barand]

You don't need a mysql database but you do need somewhere to store the userame/password pairs.

Sqlite is an option, or you could just use a text file (perhaps ini file format)

[PHP_Genius1877]

Thank you for your reply! My application only allows .html .css and .js files. However I can write PHP in the HTML files. I was thinking the code would look something along the lines of this:

<?php
$user = 'admin';
$password = 'test';
if ($_POST['username'] == $user  && $_POST['password'] == $password) {
  echo 'successfully logged in';    
} else {
  echo 'you have entered the wrong username or password.';
}

But, I am a beginner to PHP so it doesn’t work yet 🤣

Edited June 14, 2021 by PHP_Genius1877

[Barand]

If you aren't allowed to write to files, find another host.

It seems your only option may be a hard-coded array. Create passwords using password_hash() for added security.

$pwds = [
           'john'   => '$2y$10$Vp/6Bk1eNcl3V/cKZCcZN.d43uYTgEMyHSkkFv..S22LbIhkTATPK',
           'paul'   => '$2y$10$hMcamjUSx5/ixfMjd34gL.ChXtO/EsbPYoYb82tFw3YBrqGwADAEW',
           'george' => '$2y$10$kjFY1j.0GfmUbNEa0rOfE.UfFCZ19sYIHzEh2T4NeqOCsC8jnDlPG',
           'ringo'  => '$2y$10$XgFC90JsmmpCeU68y/gm8epw1PZRgSDTNn0GdoCG9MdKkiVigTvkG'
        ];
        
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $pass = $pwds[ $_POST['username'] ];
    if (password_verify($_POST['password'], $pass)) {
        echo "Log in successful<br>";
    }
    else {
        echo "Invalid log in<br>";
    }
}

The 4 passwords are password1, password2, password3, password4

Edited June 14, 2021 by Barand

[PHP_Genius1877]

Ok so this is the PHP I am using:

<?php
$password = [
    'john'   => 'password1',
    'paul'   => 'password2',
    'george' => 'password3',
    'robert'  => 'password4'
];
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
    $pass = @$password [ $_POST['username'] ];
    if (!isset($pass))
    {
        echo "Invalid log in<br>";
    }
    else
    {
        if ($_POST['password'] == $pass)
        {
            echo "Log in successful<br>";
        }
        else
        {
            echo "Invalid username or password<br>";
        }
    }
}
?>

And this is the HTML for the login form:

<body>    
    <center> <h1>Login</h1> </center>   
    <form action="" method="POST">
        <div class="container">   
            <label>Username:</label>   
            <input type="text" placeholder="Enter Username" name="username" required>  
            <label>Password:</label>   
            <input type="password" placeholder="Enter Password" name="password" required>  
            <button type="submit">Login</button>   
            <input type="checkbox" checked="checked"> Remember me   
            <button type="button" class="cancelbtn"> Cancel</button>   
            <a href="">Forgot password?</a>
        </div>   
    </form>
</body>     
</html>

I only have one problem. The PHP is showing up as text on the login page even though I put the <?php tags… Any thoughts?

[Barand]

Is it a ,html page or a .php page?

Needs to be .php to execute php code (unless server is specifically configured otherwise)

[PHP_Genius1877]

My iOS (iPad) application only allows .html .css and .js files. Would you recommend any other editors for my platform? I also have a Linux desktop. I could transfer the files there.

Edited June 15, 2021 by PHP_Genius1877

[PHP_Genius1877]

<!DOCTYPE html>
<html>   
<head>
<form action="./index_php.html">
<meta name="viewport" content="width=device-width, initial-scale=1">  
<title>Login Page</title>
<style>

<!-- My CSS here -->
  
</style>   
</head>
<body>    
    <center> <h1>Login</h1> </center>   
    <form action="" method="GET">
        <div class="container">   
            <label>Username:</label>   
            <input type="text" placeholder="Enter Username" name="username" required>  
            <label>Password:</label>   
            <input type="password" placeholder="Enter Password" name="password" required>  
            <button type="submit">Login</button>   
            <input type="checkbox" checked="checked"> Remember me   
            <button type="button" class="cancelbtn"> Cancel</button>   
            <a href="">Forgot password?</a>
        </div>   
    </form>
</body>     
</html>

<?php
$password = [
    'robert'   => 'password1',
    'mike'   => 'password2',
    'george' => 'password3',
    'john'  => 'password4'
];
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
    $pass = @$password [ $_POST['username'] ];
    if (!isset($pass))
    {
        echo "Invalid log in<br>";
    }
    else
    {
        if ($_POST['password'] == $pass)
        {
            echo "Log in successful<br>";
        }
        else
        {
            echo "Invalid username or password<br>";
        }
    }
}
?>

This is my code in the login.html file, what am I doing wrong? I can still log in no matter what username or password I enter.

Edited June 15, 2021 by PHP_Genius1877

[PHP_Genius1877]

How do I get form action to specify when to take the user to the page? After they have logged in with the correct username and password

<form action="./index_php.html">

 

[Barand]

5 hours ago, Barand said:

Is it a ,html page or a .php page?

Needs to be .php to execute php code (unless server is specifically configured otherwise)

A .php file can contain HTML

A .html file cannot contiain php (and process it)

Edited June 15, 2021 by Barand

[PHP_Genius1877]

Then how do I “specifically configure the server otherwise”?

[Barand]

Why don't you just rename "login.html" as "login.php".

[PHP_Genius1877]

4 minutes ago, Barand said:

A .php file can contain HTML

A .html file cannot contiain php (and process it)

Alright. I guess that answers my question. I do have one more. Is there a way to tell the HTML to require a specific password as I have illustrated below?

<body>    
    <center> <h1>Login</h1> </center>   
    <form action="" method="GET">
        <div class="container">   
            <label>Username:</label>   
            <input type="text" placeholder="Enter Username" name="username" required> <!-- Require a specific username -->
            <label>Password:</label>   
            <input type="password" placeholder="Enter Password" name="password" required> <!-- Require a specific password -->
            <button type="submit">Login</button>   
            <input type="checkbox" checked="checked"> Remember me   
            <button type="button" class="cancelbtn"> Cancel</button>   
            <a href="">Forgot password?</a>
        </div>   
    </form>
</body>     
</html>

 

[PHP_Genius1877]

I would just create the darn PHP file, but my code editor won’t let me. There aren’t any other good code editors on iOS sadly

Edited June 15, 2021 by PHP_Genius1877

[Barand]

Won't the file system let you rename files?

 

[PHP_Genius1877]

Unfortunately, no. I can only create new ones (HTML, CSS, JS) and delete them.

[Barand]

Mac editors

[PHP_Genius1877]

I have VS Code on my Linux system. How do I make a free website? I have the files, but I need a url I.e. https://example.com/ to share with my friends. 

[Barand]

Your site would be "localhost". EG

http://localhost/login.php

or

http://aaa.bbb.ccc.ddd/login.php

where aaa.bbb.ccc.ddd is your IP address, though I don't don''t know if it will work for your friends - never tried it. There is free site hosting available, but you get what you pay for!

Edited June 15, 2021 by Barand

[PHP_Genius1877]

So I have the VS Code extension SQLTools, how do I make a MySQL database?

[Barand]

You need to install MySql on your Linux system.

[PHP_Genius1877]

How do I do that? Sorry for all the questions @Barand I realize I am being something of a nuisance 😂 But, I am new to programming.

[Barand]

https://www.letmegooglethat.com/?q=install+mysql+on+linux

[PHP_Genius1877]

I am transferring all my files to my Linux. I am installing Node.js and npm. (It is at 73% right now) I will keep you updated.