FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


Login?





jabapyth
How do you make a secure Login using PHP? Confused
DanielXP
The below script is a simple miltiuser login

Quote:
Code:
<?php

if (isset($_COOKIE['loguser'])) {
$givenusername = $_COOKIE['loguser'];
} else {
$givenusername = $_POST['txtUsername'];
}

if (isset($_COOKIE['logpass'])) {
$givenpassword = $_COOKIE['logpass'];
} else {
$givenpassword = $_POST['txtPassword'];
}
switch ($givenusername){
case "user1":
$password = "pass1";
break;
case "user2":
$password = "pass2";
break;
case "admin":
$password = "adminpass";
break;
default:
$password = "no";
$givenpassword = "yes";
break;
}

if ($givenpassword != $password) {

?>

<h1><font face="Arial">Please Login</font></h1>

<form name="form" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<p><label for="txtUsername">Username:</label>
<br />
<input type="text" title="Enter your Username" name="txtUsername" size="20" /></p>

<p><label for="txtpassword">Password:</label>
<br />
<input type="password" title="Enter your password" name="txtPassword" size="20" /></p>

<p><input type="submit" name="Submit" value="Login" /></p>

</form>
<?php

}
else {

setcookie ("loguser", $givenusername);
setcookie ("logpass", $givenpassword);

?>

ENTER PROTECTED CONTENT HERE

<?php

}

?>



mathiaus wrote:
Please quote copied code and credit source
http://www.collingwood2000.karoo.net/tutorials/php/multiuser/index.php
JayBee
But all time you request a page from server, you send your password in cleartext Sad
its not good idea and you can use http 401 unauthorized insted

Code:

<?php
$givenpassword = $PHP_AUTH_PW;

switch ($PHP_AUTH_USER){
  case "user1":
    $password = "pass1";
    break;
  case "user2":
    $password = "pass2";
    break;
  case "admin":
    $password = "adminpass";
    break;
  default:
    $password = "no";
    $givenpassword = "yes";
}

if ($givenpassword != $password) {
  Header("WWW-Authenticate: Basic realm=\"My Realm\"");
  Header("HTTP/1.0 401 Unauthorized"); ?>
<h1>Please Login with correct username and password</h1>
<?
  exit;
} else {
?>

ENTER PROTECTED CONTENT HERE

<? } ?>


It is secure as the solution before
but it don't mean that I recommend this solution Laughing
Rhysige
Personally you guys seem to be making things complex... anyway in referance to This piece of code
Code:
<form name="form" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">

Why not simply have
Code:
<form method="post">

Shorter and does the same thing.. you only need to use action="x.php" if you are sending the data to another page or you need it to load up a variable page such as members.php?page=somepage
Jamatu
Quote:
Shorter and does the same thing.. you only need to use action="x.php" if you are sending the data to another page or you need it to load up a variable page such as members.php?page=somepage

You also need to use 'action=' if you want to make your pages html/xhtml compliant according to the W3C specifications.
Rhysige
Yeah well.. you have to be painstackingly precise if you wanna make things fully WC3 XHTML compliant...
Related topics
change cpanel login
Does Frihost's SMTP server require login and password?
html login system
WinXP - login
can't login my domain server ?
Frontpage ony white a login box HELP!
Login Scripts
php login module
Secure Login on the first page without https://
[RESOLVED] i can't login
can't login my site admin
Dirrect Admin Login Problem
Login without server scripting
is mutiple login in windows XP simultaneously possible?
can't login
Reply to topic    Frihost Forum Index -> Scripting -> Php and MySQL

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.