password with forms and if/else statements

[dahwan]

hey everyone. I am a new user here and i hope to helpe and be helped :)
I am having a problem making a web page. When it pops up i want it to show me the banner and a password field below it. This i have. Then i want to make the password, in my case, 123. So when i type 123 in my passfield i get to the index of my page.
This is the form in the index so far:
[code]
<form action="home.php"><input type="password" name="password" size="24"><input type="submit" name="enter" value="Enter"></form>
[/code]
on the top of the index i have:
[code]
<?php
$password = "password";
?>
[/code]
Then i have the home.php file, which is very simple, but it doesnt work:
[code]
<?php
if ( $password == 123 ) {
echo "welcome dahwan";
}
else {
echo "acces denied";
}
?>
[/code]

now, i know this is probably way of, but if you could give me a few reasons why this doesnt work, it would be nice ^^

[Caesar]

First, you want to make sure that you don't asume [color=orange]register_globals[/color] to be set to "On" in PHP on your server. So, when you're submitting data from a form, instead of:
[code]<?php
$password = "password";
?>[/code]
You should use:
[code]<?php
$password = $_POST['password'];
?>[/code]

[dahwan]

oh yeah. And allso, after some experimenting i found out that the home.php should be
[code]<?php
$password = $_POST['password'];

if ( $password == 123 ) {
echo "welcome dahwan";
}
else {
echo "acces denied";
}
?>[/code]

Before i had the "$password = $_POST['password'];" part in the index.php file. But its one more thing. I want to be able to be the only one to acces my page with that password. does the mean i have to make EVERYTHING in the "if" statement? cuz that'd be kind of hard. How can i fix on that?

[ryeman98]

I'm not sure if I know exactly what you mean but there are other ways.

If you want a system like that that can store passwords, names, etc. Learn (my)sql and it can make it a lot easier. Good luck!

[dahwan]

well, the home.php side contains only this:
[code]<?php
$password = $_POST['password'];

if ( $password == 123 ) {
echo "welcome dahwan";
}
else {
echo "acces denied";
}
?>[/code]

and i was thinking, do i have to have my entire web page in the "if" section of the code? or can i have a code in the "else" section that closes the page? or even better, can i have links in the if or else sections that instantly sends the used to another page.
i need help :P

[pedrobcabral]

[quote]can i have links in the if or else sections that instantly sends the used to another page[/quote]
you can use java inside the if clauses something like:

<script>window.location='www.domain.com/path';</script>

[dahwan]

hmmm. intresting; i'll have to check that out. But on the path i discovered a new problem. I dont know whats causing it.
code:
[code]<html>
<link rel=stylesheet href=styles%5cmain.css>
<table cellspacing=0 cellpadding=0 style='background: black;'>
<tr>
<td>
<param name='movie'

value='graphics\BannerFlash.swf' />

<param name='quality' value='high' />

<param name='bgcolor' value='#ffffff' />

<embed src="graphics%5cBannerFlash.swf" quality='high' bgcolor='#000000'

width='600' height='200'

name='banner' align='' type='application/x-shockwave-flash'

pluginspage='http://www.macromedia.com/go/getflashplayer'>


</embed>

</object>
</td align='right'>
<td width='100%'>
</td>
</tr>
</table>[/code]
link: http://85.167.69.147/top.html <-(i trust you guys enough to share my current IPadress)

Now, why doesnt this work? :S

[JP128]

[code]<?php
ob_start();
$password = $_POST['password'];

if ( $password == 123 ) {
echo "welcome dahwan";
}
else {
echo "<script language=javascript> alert('acces denied'); </script>";
        header("Location: gohereifpasswordisbad");
}
?>[/code]

[dahwan]

woow, thx. what does ob_start do?
and what should i do with my other problem?

[JP128]

Well, I dont exactly know what your prob is with your banner... but OB Start means that it allows output buffering.. .and that will let it redirect...

[dahwan]

[code]
<?php include('top.html');
ob_start();
$password = $_POST['password'];

if ( $password == 123 ) {
echo "welcome!";
}
else {
echo "<script language=javascript> alert('acces denied'); </script>";
header("location: index.php");
}
?>
[/code]
error error error it wont work. Know why? :O
go to http://85.167.69.147/ and write the wrong password and see what happens. why doesnt it work?

[dahwan]

error: Warning: Cannot modify header information - headers already sent by (output started at S:\xampp\xampp\htdocs\top.php:9) in S:\xampp\xampp\htdocs\home.php on line 10

what should i do?

[JP128]

You need to put ob_start first
..

<?php
ob_start();
//Now everything else.

[dahwan]

thx! its working. but now the error message wont appear :O
[code]
<?php
ob_start();
include('top.php');
$password = $_POST['password'];

if ( $password == 19111991 ) {
echo "";
}
else {
echo "<script language=javascript> alert('acces denied'); </script>";
header("Location: index.php");
}
?>
[/code]

[dahwan]

how can i make the error message appear?

[dahwan]

oh COMON

[JP128]

Hmm, I am not sure why it isnt working... If you want you could setup a session and set that session like...

$_SESSION['wrong'] = "Incorrect password";

and then near the textbox type

[code]
<?php
if(isset($_SESSION['wrong'])){
echo $_SESSION['wrong'];
unset $_SESSION['wrong'];
}
?>
[/code]

[dahwan]

could you perhaps tell me how sessions work? or direct me to a tutorial or something..? i've never heard of sessions b4 :O