if (username == 'admin' and password == 'password') {

[synchro_irl]

hey guys

hope yer all well

 

im trying to get my login code to detect that the administrator is trying to login i.e. whose username is admin and password is password for example.

 

how do i go about writing this code?

i have tried:

 

if (username == 'admin1' and password == 'clio172') { 

include ("index.php");
} 

 

i thought this would work fine but it aint.

 

any ideas?

[aschk]

I think you want to use variables instead of constants

$username and $password , NOT username and password...

[tinker]

also use 'if ( (strcmp($name, $cname)==0) && (etc...) )' and if your storing the password then do a md5 hash of it!

[stublackett]

Yeah,

 

Your best setting variables at the top of the script

<?php
$username = 'username';
$password = md5 'password';

if (username == '$username' and password == md5 'password') {

include ("index.php");
}
?>

Your best directing to a header instead of the include statement

[synchro_irl]

hey guys

i think i might not have made myself clear, i want to hard code, i.e. have constants in this example, not variables.

how wood i go about doing this,

thanks

steve

[trq]

<?php

if (isset($_POST['submit'])) {
  $username = $_POST['username'];
  $password = $_POST['password'];

  if ($username == 'admin' && $password == 'adminpass') {
    // show content.
  } else {
    echo "access denied!";
  }

?>

[synchro_irl]

iv tried this but it doesnt work heres teh code again:

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--
Design by Free CSS Templates
http://www.freecsstemplates.org
Released for free under a Creative Commons Attribution 2.5 License

Name       : Pluralism
Description: A two-column, fixed-width template fit for 1024x768 screen resolutions.
Version    : 1.0
Released   : 20071218

-->
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>Search4Trade</title>
<meta name="keywords" content="" />
<meta name="description" content="" />
<link href="style.css" rel="stylesheet" type="text/css" media="screen" />
</head>
<body>
<div id="wrapper" style="width: 961px; height: 564px">
<div id="wrapper2">
	<div id="header">
		<div id="logo">
			<h1><font size="6">search4trade.net</font></h1>
		</div>
		<div id="menu">
			<ul style="line-height: 170%; text-align: justify; margin-left: 3em; margin-bottom: 1.5em">
				<li><a href="Search1.html">Search </a></li>
				<li><a href="Login1.php">Login</a></li>
				<li><a href="#">Forum</a></li>
				<li><a href="registration.html">Register</a></li>
				<li><a href="adreview.html">Star Rating</a></li>
				<li><a href="#">Contact</a></li>
			</ul>
		</div>
	</div>
	<div id="page">
		<div id="content" style="width: 766px; height: 205px">
			<div class="post">
				<h2 class="title"><a href="#">Welcome to Search4Trade</a></h2>
				<div class="entry">
<?php
// Connects to your Database
mysql_connect("localhost", "root", "clio172") or die(mysql_error());
mysql_select_db("mydatabase") or die(mysql_error());

//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))

{
$username = $_COOKIE['username'];
$pass = $_COOKIE['password'];
$check = mysql_query("SELECT * FROM mytable WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['password'])
{
}
else
{
header("Location: submit.html");

}
}
}


//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted

// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
// checks it against the database


$check = mysql_query("SELECT * FROM mytable WHERE username = '".$_POST['username']."'")or die(mysql_error());

//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database.');



}
while($info = mysql_fetch_array( $check ))
{
$_POST['pass'] = stripslashes($_POST['pass']);
$info['password'] = stripslashes($info['password']);
$_POST['pass'] = md5($_POST['pass']);

//gives error if the password is wrong
if ($_POST['pass'] != $info['password']) {
die('Incorrect password, please try again.');
}

else
{

// if login is ok then we add a cookie
$_POST['username'] = stripslashes($_POST['username']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['username'], $hour);
setcookie(Key_my_site, $_POST['pass'], $hour);



if (username == 'admin1' and password == '123') { 

include ("index.php");
}
else{
echo "You're now logged in!";}
}}}
else
{

// if they are not logged in
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
<tr><td colspan=2><h1>Login</h1></td></tr>
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}

?>											</div>
			</div>
		</div>
	</div>
</div>
</div>
<p style="text-align: center"> </p>
</body>


</html>

[Mav666]

shouldn't it be

 

if ((username == 'admin') and (password == 'password')) {

[trq]

If you are refering to this....

 

if (username == 'admin1' and password == '123') { 

include ("index.php");
}
else{
echo "You're now logged in!";}
}}}

 

Take a look at it compared to my example. You have not defined the username or password constants anwhere in your code. These really ought be $_POST['username'] and $_POST['pass']. Your if() statement is also backward, saying they are logged in when the expression returns false.

 

There are numerous other errors further up in your code, but to be honest, I'm just not up for wading through it all. Maybe if it where indented so it was readable and you offered a clearer description of your issue than simply stating it doesn't work.