Help with script

revian

Hey,
I am trying to write a login/logout script in php, but I dont really want to get in to the database stuff. Is there a way to have the website log me in after confirming a password and username? and logout? I am really sorta new to this, but have read tutorials and get the basic idea. Is there any way with out doing sql? a script is
http://www.free2code.net/plugins/articles/read.php?id=99
the only problem is, i dont have pear db and don't get some of the stuff. Help?
Thanks!

thorpe

are you going to be the only person logging in to this site? its not secure, but you could just hardcode your username / pass into the application. hell, even if there are going to be multiple users, you could store them in an array.

this might give you an idea.

<?php

  function login() {
    $uname = 'username';
    $upass = 'userpass';
    if ($_POST['uname'] == $uname && $_POST['upass'] == $upass) {
      session_start();
      session['logged'] = true;
      return true;
    } else {
      return false;
    }
  }
?>

terfle

Have you looked into htaccess and storing usernames and passwords into the htpasswd file? I'm sure if you seached google or this forum you would find a few scripts.

revian

here is a script I got and wanted the pros to take a glance at it...
<html>
<body>
<script language="javascript">

</script>

<center>
<table bgcolor="white" cellpadding="12" border="1">
<tr><td colspan="2"><center><h1><i><b>Login
Area</b></i></h1></center></td></tr>
<tr><td><h1><i><b>UserID:</b></i></h1></td><td><form name="login"><input
name="id" type="text"></td></tr>
<tr><td><h1><i><b>Password:</b></i></h1></td><td><input name="pass"
type="password"></td></tr>
<tr><td><center><input type="button" value="Login"
onClick="pasuser(this.form)"></center></td><td><center><br><input
type="Reset"></form></td></tr></table></center>
</body>
</html>
Where and what are the passwords and usernames? and how to chage them?

terfle

See that line that says:

You might want to find a php function instead of javascript, for example look at thorpe's post.

LordShryku

Originally posted by terfle
See that line that says:

<script language="javascript">

You might want to find a php function instead of javascript, for example look at thorpe's post.

.........because a major flaw of that is that any random person can see that username and password by viewing the source of the page.

revian

I see....Do I have to use mysql to hold the passwords in the script in thorpe's post? How would i make the form?
Thanks!

revian

For his script, How would I make an html button submit it to check the passwords and usernames, and if true redirect to my home page? And if not true, redirect to password incorrect page?
Thanks!!

terfle

Originally posted by revian
I see....Do I have to use mysql to hold the passwords in the script in thorpe's post?

$uname = 'username';
$upass = 'userpass';

How would i make the form?

<form method=post action=file.php>
<input type=text name=uname><BR><input type=text name=upass><BR><input type=submit>
</form>

Again, I'm sure there are many tutorials and posts about this subject. Try seaching.

revian

Thanks for your help...Just in case if any one cares, here is the login script i got...
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD>
<TITLE>Login</TITLE>

</HEAD>
<BODY bgcolor="#000000" text="red">

<script language="javascript">
function error()
{
document.write("<br><br><br><body bgcolor='black' text='red' link='purple' alink='purple' vlink='purple'><center>Unable to confirm password!<br><br><a href='index.php'><h4>Back</h4></a></center></body>");
}

//This function will make sure the text box is not empty
function check()
{
if(form1.pass.value == ""){error();}
}
</script>

<center><form name="form1" method="post" action="check1.php">
Username<input type="username" name="user" size="15"><br><br>

Password<input type="password" name="pass" size="15"><br><br>
<form name="form1" method="post" action="check.php"><br />
<input type="submit" name="submit" value="Enter" onclick="check()">
</center
</form>
<br><br><br>
If your password fails<br>
your IP will be logged as<br>

<?php
$ip = $_SERVER['REMOTE_ADDR'];
echo $ip;
?>

it works well because I do not have to maintain a databse...now I have to maintain a txt file!!! o well now i have to reidirect people from the login successful to the member page...any ideas??