User Authentication

cmccomas

Hey,

Can anyone point me in the right direction for a GOOD tutorial on user authentication, password restricting, etc.

weekender

depends how you want to do it - with .htaccess or with php sessions?

htaccess - http://www.apacheweek.com/features/userauth
sessions - http://www.zend.com/zend/spotlight/sessionauth7may.php

cmccomas

Thanks for the tips, I tried the sessions part, but I'm getting an error, can anyone please help me with the code?

<?php 
    function auth( 
        $login = '', 
        $passwd = '', 
        $pass_file = 'words.txt' 
    ) { 
        session_start(); 
        global $PHP_SELF, $authdata; 
        $check = ! empty( $login );
		if ( is_array( $authdata ) ) { 

        return true; 

    } elseif ( $check ) { 

        $fp = fopen( $pass_file, 'r' ); 

        while ( !feof( $fp ) ) { 

            $line = trim( fgets( $fp, 1000 ) ); 
            list( $l, $p ) = explode( ',', $line ); 

            if ( ($l == $login) && ( $p == $passwd ) ) { 

                $authdata = array("login"=>$login); 

                session_register( 'authdata' ); 

                fclose( $fp ); 
                return true; 

            } 

        } 

        fclose( $fp ); 
        unset( $authdata ); 
        return false; 

    } else { 

        return false; 

    }
	<?php 

  function loginform($error = false) { 
   ?> 
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<html>
<head>
  <title>my site</title>
  <link href="main.css" rel="stylesheet" type="text/css" />
  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body topmargin="0" leftmargin="0">
<div id="title">
	<span class="text_header">xxxx</span><br />
</div>
<div id="main">
	<div id="leftnav"><span class="text_nav_menu">about</span><br />
		<a href="xxxx" class="link-menu">home</a><br />
		<a href="xxxx" class="link-menu">resume</a><br />
		<a href="xxxx" class="link-menu">contact</a><br />
		<br />
	<span class="text_nav_menu">my works</span><br />
		<a href="xxx" class="link-menu" target="_blank">shearexcitement</a><br />
		<a href="xxxx" class="link-menu" target="_blank">dariuswatts</a><br />
		<a href="xxxx" class="link-menu" target="_blank">novaflow</a><br />
		<a href="xxxx" class="link-menu" target="_blank">steve sciullo</a><br />
		<br />
	<span class="text_nav_menu">family</span><br />
		<a href="xxxx" class="link-menu" target="_blank">mom</a><br />
		<a href="xxx" class="link-menu" target="_blank">dad</a><br />
		<a href="xxxx" class="link-menu" target="_blank">sister</a><br />
		<br />
	<span class="text_nav_menu">other</span><br />
		<a href="xxxx" class="link-menu" target="_blank">arseblog</a><br />
		<a href="xxxx" class="link-menu" target="_blank">herdreport</a><br />
	</div>
	<div id="blogcontent"><?php if($error) { ?> 
   The login information you provided was invalid. 
   Please log in again below: 
   <?php } //end of error check ?> 

   <FORM ACTION="<?php echo $PHP_SELF; ?>" 
         METHOD=POST> 
   Username: <INPUT TYPE="text" NAME="username"><BR> 
   Password: <INPUT TYPE="password" NAME="password"><BR> 
   <BR> 
   <INPUT TYPE="submit" VALUE="Log in"> 
   </FORM>
   <?php 
   } // end of function 





if ( !auth($HTTP_POST_VARS['username'],     $HTTP_POST_VARS['password' ) ) { 

loginform( isset( $HTTP_POST_VARS['username'] ) ); 

   } 
   echo "Welcome to the authorized site!"; 

?></div>
</div>
</body>
</html>

Also, if I want the user automatically redirected after successfully logging in, do I take out echo "Welcome to the authorized site!"; with header (Location: link);

drag0n

exactly what errors are you getting?

cmccomas

Parse error: parse error in /hsphere/local/home/xxx.php on line 45

Line 45 is:

<?php

Right above ' function loginform($error = false) { '

drag0n

lol. you dont have a end tag ?> before it 🙂 thats all

cmccomas

thanks, made that change (been staring at it too long i presume, just missing it), but now i got this error:

Parse error: parse error in /hsphere/local/home/username/site/admin/admin.php on line 116

This is the line with </html>, with nothin below it.

What's usually the error for that?

drag0n

ur missing end tags start tags alot in your code, I would suggest you debug it

cmccomas

I did debug, got nothing.

<?php 
    function auth( 
        $login = '', 
        $passwd = '', 
        $pass_file = 'entry.txt' 
    ) {
        session_start(); 
        global $PHP_SELF, $authdata; 
        $check = ! empty( $login );
		if ( is_array( $authdata ) ) { 

        return true; 

    } elseif ( $check ) { 

        $fp = fopen( $pass_file, 'r' ); 

        while ( !feof( $fp ) ) { 

            $line = trim( fgets( $fp, 1000 ) ); 
            list( $l, $p ) = explode( ',', $line ); 

            if ( ($l == $login) && ( $p == $passwd ) ) { 

                $authdata = array("login"=>$login); 

                session_register( 'authdata' ); 

                fclose( $fp ); 
                return true; 

            } 

        } 

        fclose( $fp ); 
        unset( $authdata ); 
        return false; 

    } else { 

        return false; 

    }

	?>
	<?php 

  function loginform($error = false) { 

  	?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
  <title>xxx</title>
  <link href="main.css" rel="stylesheet" type="text/css" />
  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body topmargin="0" leftmargin="0">
<div id="title">
	<span class="text_header">xxx</span><br />
</div>
<div id="main">
	<div id="leftnav"><span class="text_nav_menu">about</span><br />
		<a href="xxx" class="link-menu">home</a><br />
		<a href="xxx" class="link-menu">resume</a><br />
		<a href="xxx" class="link-menu">contact</a><br />
		<br />
	<span class="text_nav_menu">my works</span><br />
		<a href="xxx" class="link-menu" target="_blank">shearexcitement</a><br />
		<a href="xxx" class="link-menu" target="_blank">dariuswatts</a><br />
		<a href="xxx" class="link-menu" target="_blank">novaflow</a><br />
		<a href="xxx" class="link-menu" target="_blank">steve sciullo</a><br />
		<br />
	<span class="text_nav_menu">family</span><br />
		<a href="xxx" class="link-menu" target="_blank">mom</a><br />
		<a href="xxx" class="link-menu" target="_blank">dad</a><br />
		<a href="xxx" class="link-menu" target="_blank">sister</a><br />
		<br />
	<span class="text_nav_menu">other</span><br />
		<a href="http://www.arseblog.com/" class="link-menu" target="_blank">arseblog</a><br />
		<a href="http://www.herdreport.com" class="link-menu" target="_blank">herdreport</a><br />
	</div>
	<div id="blogcontent"><?php if($error) { ?> 
   The login information you provided was invalid. 
   Please log in again below: 
   <?php } //end of error check ?> 

   <form action="<?php echo $PHP_SELF; ?>" method=post> 
   Username: <input type="text" name="username"><br /> 
   Password: <input type="password" name="password"><br /> 
   <br /> 
   <input type="submit" value="Log in"> 
   </form>
   <?php 
   } // end of function 





if ( !auth($HTTP_POST_VARS['username'],     $HTTP_POST_VARS['password'] ) ) { 

loginform( isset( $HTTP_POST_VARS['username'] ) ); 

   } 
   echo "Welcome to the authorized site!"; 

?></div>
</div>
</body>
</html>

scoyle74

It looks to me like you might be missing a couple of closing '}' brackets. But then again I am also a newbie. 8)

niall_buckley

Yeah your missing '}' for function auth....

<?php
function auth(  

        $login = '',  

        $passwd = '',  

        $pass_file = 'entry.txt'  

    ) { //no closing bracket for this function
        session_start();  

        global $PHP_SELF, $authdata;  

        $check = ! empty( $login ); 
        if ( is_array( $authdata ) ) {  

        return true;  

    } elseif ( $check ) {  

        $fp = fopen( $pass_file, 'r' );  

        while ( !feof( $fp ) ) {  

            $line = trim( fgets( $fp, 1000 ) );  
            list( $l, $p ) = explode( ',', $line );  

            if ( ($l == $login) && ( $p == $passwd ) ) {  

                $authdata = array("login"=>$login);  

                session_register( 'authdata' );  

                fclose( $fp );  
                return true;  

            }  

        }  

        fclose( $fp );  
        unset( $authdata );  
        return false;  

    } else {  

        return false;  

    } 
     }//here is your closing bracket now
    ?> 
    <?php  

  function loginform($error = false) {  

      ?> 
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml"> 
<head> 
  <title>xxx</title> 
  <link href="main.css" rel="stylesheet" type="text/css" /> 
  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> 
</head> 
<body topmargin="0" leftmargin="0"> 
<div id="title"> 
    <span class="text_header">xxx</span><br /> 
</div> 
<div id="main"> 
    <div id="leftnav"><span class="text_nav_menu">about</span><br /> 
        <a href="xxx" class="link-menu">home</a><br /> 
        <a href="xxx" class="link-menu">resume</a><br /> 
        <a href="xxx" class="link-menu">contact</a><br /> 
        <br /> 
    <span class="text_nav_menu">my works</span><br /> 
        <a href="xxx" class="link-menu" target="_blank">shearexcitement</a><br /> 
        <a href="xxx" class="link-menu" target="_blank">dariuswatts</a><br /> 
        <a href="xxx" class="link-menu" target="_blank">novaflow</a><br /> 
        <a href="xxx" class="link-menu" target="_blank">steve sciullo</a><br /> 
        <br /> 
    <span class="text_nav_menu">family</span><br /> 
        <a href="xxx" class="link-menu" target="_blank">mom</a><br /> 
        <a href="xxx" class="link-menu" target="_blank">dad</a><br /> 
        <a href="xxx" class="link-menu" target="_blank">sister</a><br /> 
        <br /> 
    <span class="text_nav_menu">other</span><br /> 
        <a href="http://www.arseblog.com/" class="link-menu" target="_blank">arseblog</a><br /> 
        <a href="http://www.herdreport.com" class="link-menu" target="_blank">herdreport</a><br /> 
    </div> 
    <div id="blogcontent"><?php if($error) { ?>  

   The login information you provided was invalid. 
   Please log in again below: 
   <?php } //end of error check ?>  

   <form action="<?php echo $PHP_SELF; ?>" method=post> 
   Username: <input type="text" name="username"><br /> 
   Password: <input type="password" name="password"><br /> 
   <br /> 
   <input type="submit" value="Log in"> 
   </form> 
   <?php  

   } // end of function 





if ( !auth($HTTP_POST_VARS['username'],     $HTTP_POST_VARS['password'] ) ) {  

loginform( isset( $HTTP_POST_VARS['username'] ) );  

   }  

   echo "Welcome to the authorized site!";  

?></div> 
</div> 
</body> 
</html>

See if that works

Rgds
Niall

scoyle74

It looks to me like you might be missing a couple of closing '}' brackets. But then again I am also a newbie. 8)

cmccomas

It is working now. But I do have a few more questions.

When a person successfully logins in, I want the code to send them to a page, page2.php. How can I do that?

Also, I want page2.php to use cookies and remember that a person is logged in and restrict certain pages for logged in people only, how can I do that?

rengy

hmm i think

include"something.php";

simply works to lead u to the next page.

if u use session , should be something like this

if(isset($name)) {
                                       include"xxx.php";
                                   }

i think u can also use the isset() to check for the user and resrtict the page for user.

i hope this might help you. if
please indicate if i am wrong cause i am a noob too...😃

weekender

include shouldn't be used as a redirect - use header

header("Location: [url]http://www.domain.com/page.php[/url]");

adam