NEED HELP WITH A LOG-IN FILE!!!!!!!!!!!!

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
infopiggy
Forum Newbie
Posts: 3
Joined: Tue Oct 14, 2003 5:24 pm

NEED HELP WITH A LOG-IN FILE!!!!!!!!!!!!

Post by infopiggy »

Code: Select all

<Html>
<form method="<? SELF ?>">
Username: <input type="text" name="user"><br>
Password: <input type="password" name="pass"><br>
<input type="submit" value="Log-in">
<?php 
if ( ! $auth )
 &#123; 
	 echo ("Please Log-In");
 &#125; elseif ($auth == true) 
 &#123;
	 $mem = "members.php?user=$user&pass=$pass";
	 $send = urlencode($mem);
	 header ("Location:$send");
 &#125;
$auth = false; // Assume user is not authenticated 

    // Read the entire file into the variable $file_contents 
    $PW = $_REQUEST&#1111;'pass'];
    $USER = $_REQUEST&#1111;'user'];
    $filename = 'Users.txt'; 
    $fp = fopen( $filename, 'r' ); 
    $file_contents = fread( $fp, filesize( $filename ) ); 
    fclose( $fp ); 

    // Place the individual lines from the file contents into an array. 

    $lines = explode ( "\n", $file_contents ); 

    // Split each of the lines into a username and a password pair 
    // and attempt to match them to $PHP_AUTH_USER and $PHP_AUTH_PW. 

    foreach ( $lines as $line ) &#123; 

        list( $username, $password ) = explode( ':', $line ); 

        if ( ( $username == "$USER" ) && 
             ( $password == "$PW" ) ) &#123; 

            // A match is found, meaning the user is authenticated. 
            // Stop the search. 

            $auth = true; 
            break; 

        &#125; 
    &#125;
That is my code, for some reason it doesn't process if i log in correctly and it brings up an erro saying that headers are already sent. Can someone get this code working for me. I can help you with some of your problems.
PLEASE HELP ME
:?: :?: :?: :?:
Gen-ik
DevNet Resident
Posts: 1059
Joined: Mon Aug 12, 2002 7:08 pm
Location: London. UK.

Post by Gen-ik »

Unless you are using buffering ALL php headers MUST be before the <html> part of the page.


This will work.....

Code: Select all

<?
header("Location:whatever");
?>
<html>

....... this will not work.........

Code: Select all

<html>
<?
header("Location:whatever");
?>
infopiggy
Forum Newbie
Posts: 3
Joined: Tue Oct 14, 2003 5:24 pm

Knew that

Post by infopiggy »

I knew that but that was since my post.
Thanks though.
How can I make the code secure, let's be honest text files can be hacked.
I was wondering if their was any way that i could Connect to a Visual Basic .EXE with and an Excel database on the server, which would maybe allow me to add payment options.

That would involve creating a revolutionary program though and i have a feeling their is a simpler way. Considering I've learned php from simple random banner scripts and pollcodes i don't know many functions and wat-nots.

THANKS

P.S. - I really want to add payment options to the site but if someone pays paypal how would i make a NON-MYSQL document register whether
they've paid or not.

P.S.S. - I REFUSE TO USE MYSQL
P.S.
User avatar
m3mn0n
PHP Evangelist
Posts: 3548
Joined: Tue Aug 13, 2002 3:35 pm
Location: Calgary, Canada

Post by m3mn0n »

PostgreSQL? :)
itbegary
Forum Commoner
Posts: 34
Joined: Sun Jan 05, 2003 2:50 am

Post by itbegary »

Hmm, perplexing. Storing login names in a flax file is bad. You will need some type of database for proper operations. Something about read concurrency while your updateing... There is a development version of MSAccess for unix (on sourceforge) that you might want to try but since your saying VB/Excel I'm assuming that your on Windows.

Even if you use an Access DB/Excel your not much safer. If they can can access to the text file they can get your DB//Excel, in which case it's easy for them because they can just generate a report with usernames and passwords :).

Also, linking to any other DB is as impracticle as the text. If they can hack the text file, they probably can hack the script which would interface with the DB, in which case security is out the window because they can do what they want :). Your system is only as secure as you can make it.

BTW, rules of thumb are you should not use any datasource that isn't its own engine. Access under Windows under IIS means slow and Excell is slower than that.

Seriously take a look at PostreSQL and if that isn't an option I would rethink the MySQL idea.
User avatar
Rob
Forum Commoner
Posts: 33
Joined: Fri Oct 03, 2003 3:18 pm

Post by Rob »

I used to use php with a VB exe to store users in an access DB. Its pretty annoying, its so much easier using SQL but I used the System(); command to run my exe, the exe needs to use lots of command line options.
User avatar
m3mn0n
PHP Evangelist
Posts: 3548
Joined: Tue Aug 13, 2002 3:35 pm
Location: Calgary, Canada

Post by m3mn0n »

Yeah I'd imagine. 8O
infopiggy
Forum Newbie
Posts: 3
Joined: Tue Oct 14, 2003 5:24 pm

Post by infopiggy »

Thanks a lot. I just find programming databases to be annoying. I tried using that PHPUSERADMIN THING or whatever it's called for MYSQL but the thing wouldn't save my tables, rows or columns so i gave up on that.
The problem with Postre SQL is that it needs an installation (i think...) and i ain't ready to buy my own server. So do u guys no a good free postgre server that would work till i got a domain?
jason
Site Admin
Posts: 1767
Joined: Thu Apr 18, 2002 3:14 pm
Location: Montreal, CA
Contact:

Post by jason »

Huh? Both PostgreSQL and MySQL need an installation.

And you couldn't get phpMyAdmin to "save" your tables?

I am only skeptical, abd wondering, because if you couldn't use phpMyAdmin, or get MySQL to work, you ain't getting PostgreSQL to work.
Post Reply