Writting login attempt to log file

havoc2005

I have the following form

<form name="form1" method="post" action="checklogin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>

I would like to be able to log every login attempt to a .log file using php. How would I go about doing that

NogDog

[man]fopen/man with the 'a'ppend parameter and [man]fwrite/man or [man]fputs/man to add the text to the file.

halojoy

havoc2005 wrote:
I have the following form
I would like to be able to log every login attempt to a .log file using php.
How would I go about doing that

Hello, halojoy here.

I have actually contributed with such a function, in a PHP Wiki software.
You know wikis can be totally open for any guest to edit pages
but can also have pages protected by a simple Login.
( When see what people spam at some wikis, it is a good idea )

Here is the login.php code.
The part I added is 'remotelog'.
I made this a config setting for this Wiki software, so you can turn on or turn off such logging.
If you think people have the right to 100% privacy.
I do not think potential SPAMMERS should have No Rights, at all 😃

I think you should be able to modify this simple code, to fit your pages.
Good luck!

PS. The same little code, 'remotelog', is used in register.php, too
... to log also first contact with some new user/spammer .DS

Regards 🙂
halojoy

} else if ($pass) {

if ($remotelog === true) {
    // remotelog.txt - record this login attempt
    $datelogged = date( "Y-m-d H:i:s", time() );
    $remoteip = $_SERVER[ "REMOTE_ADDR" ];
    $userstring = $datelogged . " - " .  $user . " - " . $remoteip;
    $fp = fopen( $nodedir."remotelog.txt", "a" );
    fputs( $fp, $userstring."\n" );
    fclose( $fp );
}

// Log in
//

if (!checkpass($user, $pass)) {
    $title=$invpass;
    $node=$invpass_d;
    $bar=array("<a href='login.php?title=$t'>$login</a>", "<a href='index.php?title=$t'>$return</a>");
} else {						

    // Log user in for a day
    //

    $usercookie = mkusercookie($user, $pass);
    setcookie("wikiticket", $usercookie, time()+86400);

    $title=$loggedin.$user;
    $node=$loggedin_d;
    $bar=array("<a href='index.php?title=$t'>$return</a>", "<a href='login.php?logging_out=1&amp;title=$t'>$logout</a>");
}

Here is the full login.php

<?php
/* login.php  */

require_once("config.php");
require_once("language.php");
require_once("display.php");
require_once("logininc.php");

$title = @$_GET['title'];
if (!$title) $title = @$_POST['title'];
$logging_out = @$_GET['logging_out'];
$user = stripslashes(@$_POST['user']);
$pass = stripslashes(@$_POST['pass']);

$t=$title;	// Preserve the last node.

if ($logging_out) {		

// Log out
//
// Verify the login before messing with keys
//
if ($_COOKIE['wikiticket']) {
    if (!verifyuser(stripslashes($_COOKIE['wikiticket']))) {
        // invalid login!
        //
        setcookie("wikiticket", "", time());
        invalidlogin();
    }
}

$elems = explode(":::", stripslashes($_COOKIE['wikiticket']));
$user = $elems[0];
setcookie("wikiticket", "", time());
logoutuser($user);
$title=$loggedout;
$node=$loggedout_d;
$bar=array("<a href='index.php?title=$t'>$return</a>", "<a href='login.php?title=$t'>$login</a>");

} else if ($pass) {

if ($remotelog === true) {
    // remotelog.txt - record this login attempt
    $datelogged = date( "Y-m-d H:i:s", time() );
    $remoteip = $_SERVER[ "REMOTE_ADDR" ];
    $userstring = $datelogged . " - " .  $user . " - " . $remoteip;
    $fp = fopen( $nodedir."remotelog.txt", "a" );
    fputs( $fp, $userstring."\n" );
    fclose( $fp );
}

// Log in
//

if (!checkpass($user, $pass)) {
    $title=$invpass;
    $node=$invpass_d;
    $bar=array("<a href='login.php?title=$t'>$login</a>", "<a href='index.php?title=$t'>$return</a>");
} else {						

    // Log user in for a day
    //

    $usercookie = mkusercookie($user, $pass);
    setcookie("wikiticket", $usercookie, time()+86400);

    $title=$loggedin.$user;
    $node=$loggedin_d;
    $bar=array("<a href='index.php?title=$t'>$return</a>", "<a href='login.php?logging_out=1&amp;title=$t'>$logout</a>");
}

} else {
    $title=$login;

$node = '<form method="post" action="login.php">' .
    '<table border=0>' .

    '<tr><td align=right>' . $tusername . ':</td>' .
    '<td><input name="user" type="text"></td></tr>' .

    '<tr><td align=right>' . $tpassword . ':</td>' .
    '<td><input name="pass" type="password"></td></tr>' .

    '</table>' .
    '<input type="hidden" name="title" value="' . $t . '">' .
    '<input type="submit" value="' . $login . '">' .
    '</form>';
$node.=$cookies;
$bar=array("<a href='index.php?title=$t'>$return</a>");
}

display($title, $node, $bar, $template);

?>

havoc2005

<?php
// Write the search results in the log file
        $handle = fopen("IT207-PROJ-sghaniza.log", "a");
        fputs($handle, $_GET['myusername'] . "'\n");
        }
        fclose($handle);
		?>

I have the following right below the </form> tag, however it does not write to the log file, the files permission is set to 775 as well.