Forum •
PHP Tutorials • Simple user login system
|
Access: Admin
Total posts: 174
Status: Offline
|
|
|
Simple user login system
|
 |
PHP Code:
<?php
session_start();
$name[] = "Chris"; $pass[] = "123456";
$name[] = "Test"; $pass[] = "weewee";
$name[] = "blah"; $pass[] = "moo";
#create an array of usernames and passwords
#add as many as you want
function loginform(){ #this is the form the user sees if they are not logged in
echo '<fieldset style="padding: 2">';
echo '<legend>Login</legend>';
echo '<form method=post action="?">';
echo 'Name: <input type=text name=username value="' . $_POST[username] . '">';
echo '<br>';
echo 'Pass: <input type=password name=pass>';
echo '<br>';
echo '<input type=submit name="s1" value="Login">';
echo '</form>';
echo '</fieldset>';
}
#used for the logout link, changes the session 'loggedin' = false if ?action=logout
if($_GET['action'] == "logout"){
$_SESSION['loggedin'] = false;
$_SESSION['username'] = "";
}
if($_SESSION['loggedin'] == false){ #checks if the user isnt logged in
if(!$_POST['s1']){ #checks if the form has been submitted, if not show it
loginform();
}else{
#username check
$tmpname = $_POST['username']; #the username the user has submitted
$tmppass = $_POST['pass']; #the password the user has submitted
$t = count($name); #count the total users
$i = 0;
#create a loop to go through each username/password and compare it with the name pass which was submitted
while($i <= $t){
if($tmpname == $name[$i] && $tmppass == $pass[$i]){
#if the name/pass submitted matches any of the username and passwords set the session 'loggedin' = true
$_SESSION['loggedin'] = true;
$_SESSION['username'] = $name[$i];
header('Location: ?'); #reload the page
}
$i++;
}
echo "invalid name and password :o"; #show an error message if the user enters an incorrect name/pass
loginform(); #show the form
}
die;
}
?>
Welcome <?php echo $_SESSION['username']; ?>. anything put here is only visible to users who are logged in
<br>
<a href="?action=logout">Logout</a>
|
| 09:15pm 28th Jun 06
|
_______________
Chris - Network-13
Last edited by Chris at 12:48am 10th Jul 06 |
|
Access: Member
Total posts: 6
Status: Offline
|
|
|
Re: Simple user login system
|
|
ive been looking at this script of yours for like the last 3 hours trying to figer out how to use it to protect a few of my directorys on my site just so a few friends can use those directorys only
I thought you might have some insight on this plus i guess it would be good for you to know whats happening with your stuff
I made something that you might call successful but i think it can be better
by putting the code below in ever page that follows the login script ive been able to keep out anyone unwelcomed "hypothetically" its not been fully tested yet
PHP Code:
<?php
session_start();
if (($_SESSION[loggedin])== true){
echo "You are logged in";}
else {header('Location: ../login.php');
}
?>
and in your script i change the location for if you log on it sends you to the page that has that in it
PHP Code:
<?php
$_SESSION['loggedin'] = true;
$_SESSION['username'] = $name[$i];
header('Location: /download1/index.php'); #reload the page
?>
Im new to php i started like 2 weeks ago but it seems i pick it up faster then anyone else i know and understand a good deal of it already
if you have a better way of what im trying to do please give me some pointers
and thx for the sample script it helped me out with learning about sessions
|
| 01:14pm 5th Jan 08
| |
|
Access: Admin
Total posts: 174
Status: Offline
|
|
|
Re: Simple user login system
|
|
A similar method would be to save my code in a file called 'config.php', then in all the pages you want to protect add this
PHP Code:
<?php
include 'config.php';
?>
That way each time one of the files load, it loads the config file, the config file then checks if the user is logged in or not.
if your having any problems feel free to add me on MSN, I'm usually always on there. chris@network-13.com
|
| 09:44pm 5th Jan 08
|
_______________
Chris - Network-13
Last edited by Chris at 09:45pm 5th Jan 08 |
|
Access: Member
Total posts: 6
Status: Offline
|
|
|
Re: Simple user login system
|
|
Quote:
I didnt think about that thx for the heads up
...Nextday follow up
Oh wow that works great and just what i needed thx alot
now i can focus on the design part of it and fine tuning
|
| 10:40pm 5th Jan 08
|
Last edited by Chronocalamity at 06:06pm 6th Jan 08 |
|
Access: Admin
Total posts: 174
Status: Offline
|
|
|
Re: Simple user login system
|
|
Glad I could help 
|
| 09:05am 8th Jan 08
|
_______________
Chris - Network-13 |
|
Access: Member
Total posts: 17
Status: Offline
|
|
|
Re: Simple user login system
|
|
Hey i've found a glitch where if u leave both fields empty and just click login it logins in.. i was trying to make something that tells it to not log in when it has a blank username and password but i couldn't get it to work... i altered the code and made the username and password field have a value (like in the username field it says username, and in the password field it says password.. well it has 8 dots) and i made it so when u click in the field it replaces it to an empty value.. but that still has problems cause if u click in the username field then the pass... that means it will clear em both out.. then u can click login and u will get through.. so i was wonder if you could add a script into it telling it to reject a blank username and password and have it say invalid username and password...
sry.. i just wanted to point it out... and i would create it myself, but i'm just learning PHP... i'm really good at that... but yea. i'm 15.. and right now i don't hav the time for figuring out alot of php.. cause i gotta keep my grades up.. expecially math.. i'm working on getting into MIT, i finished up alg 2... and i'm in the 9th grade.. and got 100's all year... and i'm taking acc. geomatry and pre calc next year.. and calc in 11th grade and AP calc in 12th.. so i have to keep them up... i have only 1 chance to get in haha...
thx in advance... sry for alittle off topic at the end...
|
| 08:44pm 10th Apr 08
|
_______________
-Tyler |
|
Access: Admin
Total posts: 174
Status: Offline
|
|
|
Re: Simple user login system
|
|
Very well spotted I'm surprised that no one noticed that sooner 
To fix that you just need to add a new check to the while loop, basically tell PHP if the username or password the user has submitted is blank, don't check it against the real name/passwords. To do that edit the while loop as follows
PHP Code:
<?php
while($i <= $t){
if($tmpname !== "" || $tmppass !== ""){
if($tmpname == $name[$i] && $tmppass == $pass[$i]){
#if the name/pass submitted matches any of the username and passwords set the session 'loggedin' = true
$_SESSION['loggedin'] = true;
$_SESSION['username'] = $name[$i];
header('Location: ?'); #reload the page
}
}
$i++;
}
?>
The important part is,
Quote:
$tmpname !== "" || $tmppass !== ""
the "!==" means not equal to and the "||" means OR, so if $tmpname OR $tmppass are not blank, continue to check it against the real name/passwords.
Hope this helps you out and thanks for pointing out that error 
|
| 04:42am 11th Apr 08
|
_______________
Chris - Network-13 |
|
Access: Member
Total posts: 17
Status: Offline
|
|
|
Re: Simple user login system
|
|
Thx... i think i know where to place it..... probably not... could u tell me where to stick it just in case i don't find it... thx again for it..
|
| 04:31pm 11th Apr 08
|
_______________
-Tyler |
|
Access: Admin
Total posts: 174
Status: Offline
|
|
|
Re: Simple user login system
|
|
Heres the script with the changes made to it.
PHP Code:
<?php
session_start();
$name[] = "Chris"; $pass[] = "123456";
$name[] = "Test"; $pass[] = "weewee";
$name[] = "blah"; $pass[] = "moo";
#create an array of usernames and passwords
#add as many as you want
function loginform(){ #this is the form the user sees if they are not logged in
echo '<fieldset style="padding: 2">';
echo '<legend>Login</legend>';
echo '<form method=post action="?">';
echo 'Name: <input type=text name=username value="' . $_POST[username] . '">';
echo '<br>';
echo 'Pass: <input type=password name=pass>';
echo '<br>';
echo '<input type=submit name="s1" value="Login">';
echo '</form>';
echo '</fieldset>';
}
#used for the logout link, changes the session 'loggedin' = false if ?action=logout
if($_GET['action'] == "logout"){
$_SESSION['loggedin'] = false;
$_SESSION['username'] = "";
}
if($_SESSION['loggedin'] == false){ #checks if the user isnt logged in
if(!$_POST['s1']){ #checks if the form has been submitted, if not show it
loginform();
}else{
#username check
$tmpname = $_POST['username']; #the username the user has submitted
$tmppass = $_POST['pass']; #the password the user has submitted
$t = count($name); #count the total users
$i = 0;
#create a loop to go through each username/password and compare it with the name pass which was submitted
while($i <= $t){
if($tmpname !== "" || $tmppass !== ""){
if($tmpname == $name[$i] && $tmppass == $pass[$i]){
#if the name/pass submitted matches any of the username and passwords set the session 'loggedin' = true
$_SESSION['loggedin'] = true;
$_SESSION['username'] = $name[$i];
header('Location: ?'); #reload the page
}
}
$i++;
}
echo "invalid name and password :o"; #show an error message if the user enters an incorrect name/pass
loginform(); #show the form
}
die;
}
?>
Welcome <?php echo $_SESSION['username']; ?>. anything put here is only visible to users who are logged in
<br>
<a href="?action=logout">Logout</a>
|
| 06:09pm 11th Apr 08
|
_______________
Chris - Network-13 |
|
Access: Member
Total posts: 17
Status: Offline
|
|
|
Re: Simple user login system
|
|
lol thx.. i figured it out right away though... i also altered the code some bit... i took out the login part... and created my own login script thing, and have the script you created and added it so it redirects to the login page... and then i include the script to the page i want protected, and then just have the login thing go to the page i used the include for.. and works like a charm....
here is what i made it... hope you don't care that i altered it (but it works great)
PHP Code:
<?php
session_start();
$name[] = "admin"; $pass[] = "blah";
$name[] = "blah"; $pass[] = "blah";
$name[] = "blah"; $pass[] = "blah";
$name[] = "blah"; $pass[] = "blah";
#create an array of usernames and passwords
#add as many as you want
#used for the logout link, changes the session 'loggedin' = false if ?action=logout
if($_GET['action'] == "logout"){
$_SESSION['loggedin'] = false;
$_SESSION['username'] = "";
}
if (($_SESSION[loggedin])== false){
if(!$_POST['s1']){
header('Location: ../admin-login.php');
}else{
#username check
$tmpname = $_POST['username']; #the username the user has submitted
$tmppass = $_POST['pass']; #the password the user has submitted
$t = count($name); #count the total users
$i = 0;
#create a loop to go through each username/password and compare it with the name pass which was submitted
while($i <= $t){
if($tmpname !== "" || $tmppass !== ""){
if($tmpname == $name[$i] && $tmppass == $pass[$i]){
#if the name/pass submitted matches any of the username and passwords set the session 'loggedin' = true
$_SESSION['loggedin'] = true;
$_SESSION['username'] = $name[$i];
header('Location: ?'); #reload the page
}
}
$i++;
}
echo "Invalid Username or Password 0.o";#show an error message if the user enters an incorrect name/pass
}
die;
}
?>
Welcome <?php echo $_SESSION['username']; ?>.<br>
<a href="?action=logout">Logout</a><br><br>
oh and sry.. but off topic... the php news system... i'm having trouble with the time... i put in my timezone -5 (USA EASTERN TIME) and its still wrong.. what do i have to do.. i looked in the index.php file and just got confused.. i didn't want to mess something up =(
|
| 10:02pm 11th Apr 08
|
_______________
-Tyler |
