PhP 4.2.2 - Login and Password scripts

lennie

Hi,
I am running Windows version PhP4.2.2 on IIS. I have created a simple Login HTML form(p-10-1.htm) and a simple validation PhP script p-10-1.php. Not sure what is wrong with the p-10-1.php script as it's not validating the $username and $password. It seems to accept anything and everything which it shouldn't. Please help....thanks,

-----p-10-1.php --------------
<?php
//create password and login with cookies

$passwords = array("bill" =>"apple",
				"charles"=>"potatoe",
				"david"=>"igneous");

if ($_post[password] == $passwords[$_post[username]])
	{
		setcookie("$_post[username]", $_post[username], time()+1200);
		echo "<h2>Access Granted</h2>";
	}

else
	{
		setcookie("$_Post[username]","",time()-3600);
		echo "<h2>Invalid user name or password: ACCESS Denied </h2>";
	}
	?>

-----p-10;1.html------------
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>
<head>
<title>Prohect 10 -1</title>
</head>
<body>
<form Method="post" action="p-10-1.php">
<h2>Project 10-1: Login page </h2>
<br><br>

User Name :
<br><Input type="text" name="username" size="16">
<br><br>

Password:
<br><input type="text" name="password" size="16">
<br><br>
<br><br><input type="Submit">&nbsp<br><input type="reset">

</form>

</body>
</html>

elfynmcb

Hey,

Take a look at this http://www.phpbuilder.com/board/showthread.php?s=&threadid=10206683. It's a simple auth system, and all you'll need to do is add your little cookie bits.

lennie

Hi mate,
Thanks for sharing. Will study and try to understand what your scripts are doing. You are a legend.

But then again, I need to know where did I go wrong on the p-10-1.php. in order to learn.

cheers,
Lennie

elfynmcb

Hi,

Well i've gone over the php code:

<?php

// Create the user table:
$passwords = array
(
    "bill" =>"apple", 
    "charles"=>"potatoe", 
    "david"=>"igneous"
); 

// Check form-vars against arr $passwords
if ( $passwords[$POST["username"]] == $_POST["password"] ) 
{ 
    setcookie($_POST["username"], $_POST["username"], time()+1200); 
    echo "<h2>Access Granted</h2>"; 
} 
else 
{ 
    setcookie($_POST["username"],"",time()-3600); 
    echo "<h2>Invalid user name or password: ACCESS Denied </h2>\n"; 
}

?>

Correction:

1) $post and $Post used instead of superglobal name $_POST.

lennie

Hey Elfyn,
Shoot me blind.....it's that simple, huh. I understand now where I went wrong. Should used $POST instead of $post. Come over mate, I will shout you beers.

Yee...haaa...p-10-1.php is working now.....Thanks again.

Cheers,
Lennie

elfynmcb

Hey,

Mine's a fosters... You can pass it to my grandad in Christchurch...