How to write a login page?

Not for 'how-to' coding questions but PHP theory instead, this forum is here for those of us who wish to learn about design aspects of programming with PHP.

Moderator: General Moderators

Post Reply
bluelad
Forum Commoner
Posts: 34
Joined: Mon Jun 05, 2006 8:34 am

How to write a login page?

Post by bluelad »

How to create a login page which once authenticated takes the user to another page.
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

Multi-user or just one?
bluelad
Forum Commoner
Posts: 34
Joined: Mon Jun 05, 2006 8:34 am

Post by bluelad »

I think one will do for now
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

If you only have one user, you don't even need a database... it's a good idea to use one anyway (for a number of reasons). Are you interested in making a database auth system or is that beyond the scope of your needs?
bluelad
Forum Commoner
Posts: 34
Joined: Mon Jun 05, 2006 8:34 am

Post by bluelad »

I only want only a few people who know the password to access the page. So i req only one username and password. It really has to very simple. I dont req too complicated codes. i searched on google, but those codes were a little too heavy for me. I want a simple code.
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

Include a script (which contains your expected username and password and hash the password with sha1() or something if you want it fairly secure) then test against it

Include a script (similar to this): authenticate.php

Code: Select all

$authenticated = false; // Set authenticate default to false

$expected_username = "bob";
$expected_password = "1234!@#$";

if(!empty($_POST['username'])) $_SESSION['username'] = $_POST['username']; // Turn posted variables into session variables
if(!empty($_POST['password'])) $_SESSION['password'] = $_POST['password'];

if($_SESSION['username'] == $expected_username) && ($_SESSION['password'] == $expected_password){
    $authenticated = true;
}
Every other page:

Code: Select all

require('authenticate.php');

if($authenticated){
    //Show page
}
Now, I wouldn't trust any type of information I needed REAL secure behind this system, but if you're just trying to keep the average joe out, it works I guess.

Does that make sense?
bluelad
Forum Commoner
Posts: 34
Joined: Mon Jun 05, 2006 8:34 am

Post by bluelad »

This is what i ahve done

Code: Select all

<?php

$authenticated = false; // Set authenticate default to false

$expected_username = "admin";
$expected_password = "admin";

if(!empty($_POST['username'])) $_SESSION['username'] = $_POST['username']; // Turn posted variables into session variables
if(!empty($_POST['password'])) $_SESSION['password'] = $_POST['password'];

*if($_SESSION['username'] == $expected_username) && ($_SESSION['password'] == $expected_password)*
{
    $authenticated = true;
}
?>
<table>
<tr>
<td>User</td>
<td><input type="text" name="username"></td>
</tr>
<tr>
<td>Password</td>
<td><input type="text" name="password"></td>
</tr>
</table>
But it is showing this error

Code: Select all

Parse error: parse error in d:\program files\easyphp1-8\www\link\admin_login.php on line 11
The line in asteriks is line no 11
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

bluelad wrote:This is what i ahve done

Code: Select all

<?php

$authenticated = false; // Set authenticate default to false

$expected_username = "admin";
$expected_password = "admin";

if(!empty($_POST['username'])) $_SESSION['username'] = $_POST['username']; // Turn posted variables into session variables
if(!empty($_POST['password'])) $_SESSION['password'] = $_POST['password'];

if(($_SESSION['username'] == $expected_username) && ($_SESSION['password'] == $expected_password))
{
    $authenticated = true;
}
?>
<table>
<tr>
<td>User</td>
<td><input type="text" name="username"></td>
</tr>
<tr>
<td>Password</td>
<td><input type="text" name="password"></td>
</tr>
</table>
But it is showing this error

Code: Select all

Parse error: parse error in d:\program files\easyphp1-8\www\link\admin_login.php on line 11
The line in asteriks is line no 11
That should do it
bluelad
Forum Commoner
Posts: 34
Joined: Mon Jun 05, 2006 8:34 am

Post by bluelad »

but it is still showing that eroor :!:
bluelad
Forum Commoner
Posts: 34
Joined: Mon Jun 05, 2006 8:34 am

Post by bluelad »

One more query...if i want to access the particular page i should use this code

Code: Select all

require('authenticate.php');

if($authenticated){
    //Show page
}
What does //show page mean over here
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

bluelad wrote:One more query...if i want to access the particular page i should use this code

Code: Select all

require('authenticate.php');

if($authenticated){
    //Show page
}
What does //show page mean over here
You can use // for comments in php scripts... it was simply put there as an instruction. You put the page contents where //Show page is.
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Shouldn't this thread be in PHP code? Just a thought.
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

I suppose it COULD be a design question, probably could have gone either way.
Post Reply