problem validating random Password with input password

Dann

It has been 2 weeks that I started learning Php and I am enjoying it . But right now I am having a little bit problem with my codes. I created this login page that compares password generated randomly with input password . $password is the random password generated and it displays well when I execute the page.. But the problem is when I compare it with $POST['Username'] ,i can't login. But when I compare $POST['Username'] with some strings "abc" , I can access the login page. Where did I go wrong.. Could you help me please.. I appreciate your help ..Here is the code.

<?
session_start();
include("random_password.php");
$rand_pass=$password;
if($_POST['Submitted']=='True')
{

// If the username match up, then continue...

if ( $POST['Username']==$rand_pass) {
// Username matched, set them as logged in and set the Username to a session variable.
$SESSION['Logged_In'] = "True";
}
}

// If they are NOT logged in then show the form to login...
if ($_SESSION['Logged_In'] != "True") {

echo "<br>";

echo"<b>Please login:</b> <br>";
echo "<form method=post action=" .$_SERVER['PHP_SELF'] . ">
    Username: <input type=textbox name=Username><br />
    <input type=hidden name=Submitted value=True>
    <input type=Submit name=Login>
</form>";

}
else
echo "You are logged in as: blah blah blah...<b>";

mikell

Is this supposed to be a login for psychic users only? Why are you comparing the submitted username with a randomly generated string of characters.

Can you show me whats inside random_password.php or elaborate a little more on what you're trying to do?

Piranha

If random_password.php generates a password randomly it will generate a new password every time the page is loaded, and thus will make it virtually impossible to log in.

But as mikell says, show what is inside random_password.php, then it is possible that we can help you out.

Horizon88

🙁 you just gave me a horrible headache

Dann

Well, this is not actually a login page.. It's just a text verification page. That's it .. .The text is randomly generated each time page loads and we have to type that generated text in order to access another page. .. Below is the code inside random_password.php. Hope I made you clear this time about my problem. I am looking forward to get an answer ..

function gen_pass($length, $mix=true) {
$password = '';
for($i=0;$i<$length;$i++){
$letter = base_convert(rand(0,35),10,36);
$password .= ($mix && rand(0,1)) ? strtoupper($letter) : $letter;
}
return $password;
}

Piranha

I think you should search for CAPTCHA, you will get lots of good information that way.

Horizon88

Oh, now I get what you're doing. My guess is you never call the function gen_pass, from what I can see. You'll want to call that and set it like this:

session_start();
include("random_password.php");
$rand_pass=gen_pass($variables, $here);

That should do it.

Dann

hi horizon88, thanx for your response. But, even this didn't solve my problem. Same problem again .
I didn't get access to other page .. Could you check it yourself and provide me a solution . I would appreciate your help .Thank you ..

Horizon88

I'd need to see your login form, too, but from the looks of your code you're checking a bunch of variables against the random pass, none of which are a random pass field. You may want to reconsider the structure of your code, but if you post the random pass include file, and the entire login form, both with what you have up to now and the board's PHP tag formatting I'll see if I can work anything out