calling users from flatfile...

Anon

hi,

i posted here a while back about setting multiple values in an IF statement which included three usernames and passwords which had to match each other to allow login. This is the code:

if ((($usrname == "$u1") && ($passwd == "$p1")) || (($usrname == "$u2") && ($passwd == "$p2")) || (($usrname == "$u3") && ($passwd == "$p3")))

That was fine for when i only had three users but now i want to add more like $u4 and $p4 to the user file which is included in the script but not have to change the if statement in the script, so something like this:

if ((($usrname == "$u*") && ($passwd == "$p*")))

Can anyone help?

thanks in advance,

Rigo

yelvington

Learn about arrays and looping.

Anon

thanks for reminding me about those.

could you tell me how i would contruct the IF statement using the loop as i can't get my head around it.

yelvington

To begin with, you need to have some format for storing usernames and passwords, i.e.

joe|in2itive
beth|imnot2tired
elmer|sillywabbit
donald|wackwackwack

... and so forth. This particular format is "pipe delimited." You can use any character as a delimeter so long as it is not allowed to be used inside a username or password.

Call that file pw.txt, then

// function to check login;
// returns true or false
function login($username, $password){
// read file into an array
$pwfile = file('pw.txt');
// for each array element ...
for($i = 0; $i < count($pwfile); $i++) {
// break it into an array!
$item = split('|',$pwfile[$i]);
// test the results
if (($item[0] == $username) && ($item[1] == $password)) return 1;
}
return 0;
}

Now you have a function that will handle any number of users.

There are several problems with this approach.

The code I just wrote is completely untested and off the top of my head. It may contain errors.
This isn't a very secure system. Passwords are being stored in plain text in the filesystem where J.Random Hacker can have at 'em.
You can't efficiently update the user database, change passwords, delete users, etc.
As the user database grows to large numbers performance will suffer because this is a linear search.

Item 1 is your opportunity to learn by fixing broken code. Items 2 through 4 indicate that you should review the code library for better approaches and move off flat files onto a database.