PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
I have a login page on my site but it virtually has no security (or so I'm told). Also it only contains a password field because I'm not sure how to require both a username and password, or how to mask the password as it's being typed. I tried to look through these forums before asking this because I'm sure it's very simple, but there were 83 pages of results so it would have taken me a while... anyway, here's the code I have:
if ($_POST['password'] == 'my_password' && $_POST['username'] == 'admin'){
Any help on adding the username requirement and having the password hidden behind asterisks would be very greatly appreciated. Thank you (especially feyd for putting up with my stupid questions ).
<?PHP
session_start();
header("Cache-control: private"); // IE 6 Fix.
// the above code begins your sessions for your site. It is used for added security
// the could MUST be at the top of each page
// get the data from the form
$username = $_POST['username'];
$password = $_POST['password'];
// see if it is a valid username and password
// you can use a database of usernames and passwords (preferred method), or
// a flat file (2nd choice), or
// you can hard code them (last choice)
// for this little example we will hard code it
$gooduser = "samspade";
$goodpass = "maltese";
if ($username == $gooduser && $password == $goodpass) {
// send them to a successful login page or whatever here
} else {
?>
You have entered an invalid name andor password<br>
Please try again!<br>
<a href="login.html">Continue</a>
<?PHP
}
?>
furiousweebee wrote:I tried to look through these forums before asking this because I'm sure it's very simple, but there were 83 pages of results so it would have taken me a while...
It also takes me a while to read your code, understand the problem and write up a solution. I'm at work right now taking a tea break. I'm very busy and don't have much time to progress my own coding projects never mind keep an eye on the forum, answer questions etc.
So, if you can't be bothered to read through search results I'm afraid I'm not very motivated to help.
You are of course welcome to post at any time but please make an effort to look for similar, previous posts first and then ask a question if you are still not sure what to do.
I actually went through 10 or 12 of the 83 pages of results and read through the posts that looked relevant but as I said, I'm not a programmer so simply reading some other code which may or may not relate to my problem doesn't help me too much. I understand and appreciate the time it takes to read my question and code and then try to find a solution, so any help you can offer me is great. Sorry to step on your toes.
Didn't put down much effort into the following, but I just wanted to show some of the things you can play around with. Test, try and lookup the things used in the manual for more examples and ideas.
session_start();
// check if the form's inputs are either blank or not correctly filled
if ( (((empty($_POST['username']) or empty($_POST['password'])) or ($_POST['username'] != 'foo' and $_POST['password'] != 'bar')))
and
// check if the session allready is granted
(empty($_SESSION['loggedin']) or $_SESSION['loggedin'] != 1) ) {
// neither was, show the login form
display_login_part();
} else {
// either was, echo 'success' and (re)set the session
echo 'success';
$_SESSION['loggedin'] = 1;
// header() or whatever...
}
function display_login_part() {
echo '
<form method="post">
<input type="text" name="username" />
<!-- this is what we use to "hide" what the user types: password -->
<input type="password" name="password" />
<input type="submit" />
</form>';
}