Menu
Forums
All threads
Latest threads
New posts
Trending threads
New posts
Search forums
Trending
What's new
New posts
New profile posts
Latest activity
Members
Current visitors
New profile posts
Search profile posts
Upgrades
Log in
Register
What's new
Search
Search
Search titles only
By:
All threads
Latest threads
New posts
Trending threads
New posts
Search forums
Menu
Log in
Register
Navigation
Install the app
Install
More options
Contact us
Close Menu
Forums
Software Development
Programming
Programming Q&A
NEed help asap with PHP
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="Ecko" data-source="post: 370386" data-attributes="member: 24874"><p>Your script allows for login if following two conditions are met:</p><p></p><p>User/pass fields are not empty </p><p>Username is the same as the password</p><p></p><p>If this is where you are storing admin information:</p><p>[php]$user["admin1"] = "password";[/php]</p><p></p><p>Then change:</p><p>[php]elseif ($user[$_POST['username']] != $_POST['password'])[/php]</p><p></p><p>To:</p><p>[php]elseif ($user["admin1"] != $_POST['password'])[/php]</p><p></p><p>In my opinion it is better if you store admins in an array:</p><p>[php]$VALID_USERS = array(</p><p> 'devbest' => 'demo123',</p><p> 'ecko' => 'adminpass',</p><p> );[/php]</p><p></p><p>Then check password and set cookie:</p><p>[php]</p><p> if($act == 'login' && $_POST['form_sent'] == '1'){</p><p> $user = stripslashes(trim($_POST['login_user']));</p><p> $pass = stripslashes(trim($_POST['login_pass']));</p><p> foreach($VALID_USERS as $u => $p){</p><p> if(strtolower($u) == strtolower($user) && strtolower($p) == strtolower($pass)){</p><p> setcookie('security', serialize(array($u, $p)), time() + 31536000, '/', '', 0);</p><p> header('Location: security.php');</p><p> exit;</p><p> }</p><p> }</p><p> message('Invalid username or password', 'Login Error');</p><p> }elseif($act == 'logout'){</p><p> setcookie('security', serialize(array('', '')), time() - 1, '/', '', 0);</p><p> header('Location: security.php');</p><p> exit;</p><p> }[/php]</p><p></p><p>Then you can just check cookie to see if they are logged in.</p></blockquote><p></p>
[QUOTE="Ecko, post: 370386, member: 24874"] Your script allows for login if following two conditions are met: User/pass fields are not empty Username is the same as the password If this is where you are storing admin information: [php]$user["admin1"] = "password";[/php] Then change: [php]elseif ($user[$_POST['username']] != $_POST['password'])[/php] To: [php]elseif ($user["admin1"] != $_POST['password'])[/php] In my opinion it is better if you store admins in an array: [php]$VALID_USERS = array( 'devbest' => 'demo123', 'ecko' => 'adminpass', );[/php] Then check password and set cookie: [php] if($act == 'login' && $_POST['form_sent'] == '1'){ $user = stripslashes(trim($_POST['login_user'])); $pass = stripslashes(trim($_POST['login_pass'])); foreach($VALID_USERS as $u => $p){ if(strtolower($u) == strtolower($user) && strtolower($p) == strtolower($pass)){ setcookie('security', serialize(array($u, $p)), time() + 31536000, '/', '', 0); header('Location: security.php'); exit; } } message('Invalid username or password', 'Login Error'); }elseif($act == 'logout'){ setcookie('security', serialize(array('', '')), time() - 1, '/', '', 0); header('Location: security.php'); exit; }[/php] Then you can just check cookie to see if they are logged in. [/QUOTE]
Insert quotes…
Verification
Post reply
Forums
Software Development
Programming
Programming Q&A
NEed help asap with PHP
Top