synchro_irl Posted February 20, 2008 Share Posted February 20, 2008 hey guys hope yer all well im trying to get my login code to detect that the administrator is trying to login i.e. whose username is admin and password is password for example. how do i go about writing this code? i have tried: if (username == 'admin1' and password == 'clio172') { include ("index.php"); } i thought this would work fine but it aint. any ideas? Quote Link to comment Share on other sites More sharing options...
aschk Posted February 20, 2008 Share Posted February 20, 2008 I think you want to use variables instead of constants $username and $password , NOT username and password... Quote Link to comment Share on other sites More sharing options...
tinker Posted February 20, 2008 Share Posted February 20, 2008 also use 'if ( (strcmp($name, $cname)==0) && (etc...) )' and if your storing the password then do a md5 hash of it! Quote Link to comment Share on other sites More sharing options...
stublackett Posted February 20, 2008 Share Posted February 20, 2008 Yeah, Your best setting variables at the top of the script <?php $username = 'username'; $password = md5 'password'; if (username == '$username' and password == md5 'password') { include ("index.php"); } ?> Your best directing to a header instead of the include statement Quote Link to comment Share on other sites More sharing options...
synchro_irl Posted February 20, 2008 Author Share Posted February 20, 2008 hey guys i think i might not have made myself clear, i want to hard code, i.e. have constants in this example, not variables. how wood i go about doing this, thanks steve Quote Link to comment Share on other sites More sharing options...
trq Posted February 20, 2008 Share Posted February 20, 2008 <?php if (isset($_POST['submit'])) { $username = $_POST['username']; $password = $_POST['password']; if ($username == 'admin' && $password == 'adminpass') { // show content. } else { echo "access denied!"; } ?> Quote Link to comment Share on other sites More sharing options...
synchro_irl Posted February 20, 2008 Author Share Posted February 20, 2008 iv tried this but it doesnt work heres teh code again: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <!-- Design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License Name : Pluralism Description: A two-column, fixed-width template fit for 1024x768 screen resolutions. Version : 1.0 Released : 20071218 --> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <title>Search4Trade</title> <meta name="keywords" content="" /> <meta name="description" content="" /> <link href="style.css" rel="stylesheet" type="text/css" media="screen" /> </head> <body> <div id="wrapper" style="width: 961px; height: 564px"> <div id="wrapper2"> <div id="header"> <div id="logo"> <h1><font size="6">search4trade.net</font></h1> </div> <div id="menu"> <ul style="line-height: 170%; text-align: justify; margin-left: 3em; margin-bottom: 1.5em"> <li><a href="Search1.html">Search </a></li> <li><a href="Login1.php">Login</a></li> <li><a href="#">Forum</a></li> <li><a href="registration.html">Register</a></li> <li><a href="adreview.html">Star Rating</a></li> <li><a href="#">Contact</a></li> </ul> </div> </div> <div id="page"> <div id="content" style="width: 766px; height: 205px"> <div class="post"> <h2 class="title"><a href="#">Welcome to Search4Trade</a></h2> <div class="entry"> <?php // Connects to your Database mysql_connect("localhost", "root", "clio172") or die(mysql_error()); mysql_select_db("mydatabase") or die(mysql_error()); //Checks if there is a login cookie if(isset($_COOKIE['ID_my_site'])) { $username = $_COOKIE['username']; $pass = $_COOKIE['password']; $check = mysql_query("SELECT * FROM mytable WHERE username = '$username'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if ($pass != $info['password']) { } else { header("Location: submit.html"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // makes sure they filled it in if(!$_POST['username'] | !$_POST['pass']) { die('You did not fill in a required field.'); } // checks it against the database $check = mysql_query("SELECT * FROM mytable WHERE username = '".$_POST['username']."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database.'); } while($info = mysql_fetch_array( $check )) { $_POST['pass'] = stripslashes($_POST['pass']); $info['password'] = stripslashes($info['password']); $_POST['pass'] = md5($_POST['pass']); //gives error if the password is wrong if ($_POST['pass'] != $info['password']) { die('Incorrect password, please try again.'); } else { // if login is ok then we add a cookie $_POST['username'] = stripslashes($_POST['username']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['username'], $hour); setcookie(Key_my_site, $_POST['pass'], $hour); if (username == 'admin1' and password == '123') { include ("index.php"); } else{ echo "You're now logged in!";} }}} else { // if they are not logged in ?> <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> <table border="0"> <tr><td colspan=2><h1>Login</h1></td></tr> <tr><td>Username:</td><td> <input type="text" name="username" maxlength="40"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="pass" maxlength="50"> </td></tr> <tr><td colspan="2" align="right"> <input type="submit" name="submit" value="Login"> </td></tr> </table> </form> <?php } ?> </div> </div> </div> </div> </div> </div> <p style="text-align: center"> </p> </body> </html> Quote Link to comment Share on other sites More sharing options...
Mav666 Posted February 20, 2008 Share Posted February 20, 2008 shouldn't it be if ((username == 'admin') and (password == 'password')) { Quote Link to comment Share on other sites More sharing options...
trq Posted February 20, 2008 Share Posted February 20, 2008 If you are refering to this.... if (username == 'admin1' and password == '123') { include ("index.php"); } else{ echo "You're now logged in!";} }}} Take a look at it compared to my example. You have not defined the username or password constants anwhere in your code. These really ought be $_POST['username'] and $_POST['pass']. Your if() statement is also backward, saying they are logged in when the expression returns false. There are numerous other errors further up in your code, but to be honest, I'm just not up for wading through it all. Maybe if it where indented so it was readable and you offered a clearer description of your issue than simply stating it doesn't work. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.