Why doesn't this work?

Anon

OK, quite a long post this one, and I'm a semi-newbie (does that work??)

I have a password protection which exploded data from a text file for usernames and passwords. This is the code:

<?php
$auth = false;
if (isset( $PHP_AUTH_USER ) && isset($PHP_AUTH_PW)) {

$filename = 'file.txt'; 
$fp = fopen( $filename, 'r' ); 
$file_contents = fread( $fp, filesize( $filename ) ); 
fclose( $fp ); 

$lines = explode ( "\n", $file_contents ); 

foreach ( $lines as $line ) { 

    list( $username, $password ) = explode( ':', $line ); 

    if ( ( $username == "$PHP_AUTH_USER" ) && 
         ( $password == "$PHP_AUTH_PW" ) ) { 

        $auth = true; 
        break; 

    } 
}

}

if ( ! $auth ) {

header( 'WWW-Authenticate: Basic realm="Private"' ); 
header( 'HTTP/1.0 401 Unauthorized' ); 
echo 'Authorization Required.'; 
exit;

} else {

echo '<P>You are authorized!</P>';

}

?>

This works fine, as does manually adding data into the text file, then uploading it, like this:

username:password
joe:bloggs
arthur:baker

But then I had the idea of having an online admin to delete and add people. The text file is read into a multiline text box, the user can change details, or add new users on a new line, then hit SAVE which goes to the following code which writes over the previous data and replaces it with the new:

<?php
$filename ="file.txt";
$handle= fopen($filename,'w');
$string = "$details";
fputs($handle, $string);
fclose($handle);

?>

I thought it would work in theory, but in practice it doesn't. It DOES write to the text file, and over-rides the previous data, but when I then go and try to login, it only recognises the LAST line (ie the newest user added) and none of the others.

Why does this happen?

I know this isn't the best way, by any means, for password protection, but it isn't for a large scale site and it is partly for my own experimentation.

Any help would be appreciated, and I'm sorry if I explained it poorly.

Thanks,

Nick

Anon

I don't think your problem is what you think it is. All of the "w" options to fopen truncate the file to 0 length. So I believe that your code works, but you expect it to do something different. You are probalby going to have to read in the entire file to your script then add your new user to that data before outputing the new data into the file.

<?php
$filename ="file.txt";
$handle= fopen($filename,'r');
$string = "";
while (!feof($handle)) {
$string .= fgets($handle, 4096);
}
fclose($handle);

$string .= "$deatils";
$handle = fopen($filename, 'w');
fputs($handle, $string);
fclose($handle);
?>

I've not worked with writing files much but that should work.

Also double check the way fopen works to make sure you understand it:
http://www.php.net/manual/en/function.fopen.php

reagent

instead of using 'w' in your fopen statement and reading in the entire file, use 'a' instead, which will APPEND the data to the existing file.

keep in mind that this will not do anything if you change your password. In this case, you would want to read the file and modify the line that matches your username.

read the manual for more info
p.