Page 1 of 1

login form that calls itself

Posted: Tue Nov 21, 2006 4:11 pm
by code_hammer
I'm trying to make the login form appear in each of these cases:
- user want to log in
- user access page when not logged in
- user inputs wrong name and passsword
A login object is created on each page, the constructor does the checks.
Unfortunatley, it doesn't work well when user inputs wrong name/pass.
I'd like to have the same form displayed in every case ...
Code:

Code: Select all

<?php

session_start();

class Test
{
    var $bad;
    function Test($islogin=false)
    {
        $bad = false;
        if (isset($_SESSION['user']) && isset($_SESSION['pass'])) {
            if ($this->checkuser()) echo 'Already logged <br>';
            else {
                unset($_SESSION);
                session_destroy();
                session_start();
                $this->bad = true;
                $this->login();
            }
        }
        else $this->login();
    }
    function paintform()
    {
        echo "<form method=\"post\" action=\"" . $_SERVER['PHP_SELF'] . "\">\n";
        echo "Nume &nbsp; <input type=\"text\" name=\"txtUser\"><br>\n";
        echo "Parola &nbsp; <input type=\"password\" name=\"passPass\">\n";
        echo "<hr>";
        echo "<input type=\"submit\">\n";
        echo "</form>\n";
    }
    function login()
    {
        if(!$this->bad && isset($_POST['txtUser']) && isset($_POST['passPass'])) {
            $_SESSION['user'] = $_POST['txtUser'];
            $_SESSION['pass'] = $_POST['passPass'];
        }
        else {
            if ($this->bad) echo "invalid user/pass <br>\n";
            $this->bad = false;
            $this->paintform();
            exit;
        }
    }
    function checkuser() {
        if ($_SESSION['user'] != 'test') return false;
        if ($_SESSION['pass'] != 'test') return false;
        return true;
    }
}

$obj =& new Test;
echo ' Success <br>';

?>
you will see that the form with 'invalid name/pass' appears once at every two refreshes :(
Please, help me to make this work.
Thank you in advance.

Posted: Tue Nov 21, 2006 4:19 pm
by code_hammer
Ooops, there's a small error:
$bad = false;
should be
$this->bad = false;
but script the behaviour remains the same :(

Posted: Tue Nov 21, 2006 5:52 pm
by feyd
login() always checks $_POST. .. Are you posting on every page?

Posted: Wed Nov 22, 2006 5:04 am
by code_hammer
I guess I was in a hurry or tired so I could't think clear.
Here's the solution.

Code: Select all

<?php

session_start();

class Test
{
    function Test($islogin=false)
    {
        if (isset($_POST['txtUser']) && isset($_POST['passPass'])) {
            if ($this->checkuser($_POST['txtUser'], $_POST['passPass'])) {
                $_SESSION['user'] = $_POST['txtUser'];
                $_SESSION['pass'] = $_POST['passPass'];
            }
            else {
                unset($_SESSION);
                session_destroy();
                session_start();
                $this->paintform('Invalid User or Password');
                exit;
            }
        } else if (isset($_SESSION['user']) && isset($_SESSION['pass'])) {
            if ($this->checkuser($_SESSION['user'], $_SESSION['pass'])) echo 'Already logged <br>';
            else {
                unset($_SESSION);
                session_destroy();
                session_start();
                $this->paintform('Invalid User or Password - changed across session');
                exit;
            }
        }
        else {
            $this->paintform('Please, Log in');
            exit;
        }
    }
    function paintform($msg)
    {
        if (!empty($msg)) echo "<h5>$msg</h5><br>\n";
        echo "<form method=\"post\" action=\"" . $_SERVER['PHP_SELF'] . "\">\n";
        echo "Nume &nbsp; <input type=\"text\" name=\"txtUser\"><br>\n";
        echo "Parola &nbsp; <input type=\"password\" name=\"passPass\">\n";
        echo "<hr>";
        echo "<input type=\"submit\">\n";
        echo "</form>\n";
    }
    function checkuser($usr, $pwd) {
        if ($usr != 'test') return false;
        if ($pwd != 'test') return false;
        return true;
    }
}

$obj =& new Test;
echo $_SESSION['user'] . ' - Success <br>';

?>
Thank you guys for trying anyway :)