I have a database and 2 php files
Could not log you in.
I can not log in I don't know why
maybe sha1
CREATE DATABASE auth;
USE auth;
CREATE TABLE authorized_users (
userid VARCHAR(30) NOT NULL PRIMARY KEY,
password VARCHAR(30) NOT NULL
);
INSERT INTO authorized_users (userid, password) VALUES
('testuser','password'),
('webauth','webauth');
GRANT ALL PRIVILEGES
ON auth.*
TO webauth@localhost
IDENTIFIED BY 'webauth';
authmain.php
<?php
session_start();
if (isset($_POST['userid']) && isset($_POST['password']))
{
// if the user has just tried to log in
$userid = $_POST['userid'];
$password = $_POST['password'];
$db_conn = new mysqli('localhost', 'webauth', 'webauth', 'auth');
if (mysqli_connect_errno()) {
echo 'Connection to database failed:'.mysqli_connect_error();
exit();
}
$query = "select * from authorized_users where
userid='".$userid."' and
password=sha1('".$password."')";
$result = $db_conn->query($query);
if ($result->num_rows)
{
// if they are in the database register the user id
$_SESSION['valid_user'] = $userid;
}
$db_conn->close();
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Home page</title>
</head>
<style type="text/css">
fieldset {
width: 50%;
border: 2px solid #ff0000;
}
legend {
font-weight: bold;
font-size: 125%;
}
label {
width: 125px;
float: left;
text-align: left;
font-weight: bold;
}
input {
border: 1px solid #000;
}
button {
margin-top: 12px;
}
</style>
</head>
<body>
<h1>Home Page</h1>
<?php
if (isset($_SESSION['valid_user']))
{
echo '<p>You are logged in as: '.$_SESSION['valid_user'].' <br />';
echo '<a href="logout.php">Log out</a></p>';
}
else{
if(isset($userid))
{
//if they've tried and failed to log in
echo '<p>Could not log you in.</p>';
}
else
{
//they have not tried to log in yer or have logged out
echo '<p>You are not logged in.</p>';
}
}
//provide form to log in
echo '<form action="authmain.php method="post">';
echo '<fieldset>';
echo '<legend>Login Now!</legend>';
echo '<p><label for="userid">UserID:</label>';
echo '<input type="text" name="userid" id="userid" size="30"/></p>';
echo '<p><label for="password">Password:</label>';
echo '<input type="password" name="password" id="password" size="30"/></p>';
echo '</fieldset>';
echo '<button type="submit" name="login">Login</button>';
echo '</form>';
?>
</body>
</html>
members_only.php
<!DOCTYPE html>
<html>
<head>
<title>Members Only</title>
</head>
<body>
<h1>Members Only</h1>
<?php
//Check session variable
if(isset($_SESSION['valid_user'])){
echo '<p>You are logged in as '.$_SESSION['valid_user'].'</p>';
echo '<p><em>Members-Only content goes here.</em></p>';
}
else {
echo '<p>You are not logged in.</p>';
echo '<p>Only logged in members may see this page.</p>';
}
?>
<p><a href="authmain.php">Back to Home Page</a></p>
</body>
</html>_
logout.php
<?php
session_start();
//store to test if they "were" logged in
$old_user = $_SESSION['valid_user'];
unset($_SESSION['valid_user']);
session_destroy();
?>
<DOCTYPE html>
<html>
<head>
<title>Log out</title>
</head>
<body>
<h1>Log Out</h1>
<?php
if(!empty($old_user))
{
echo '<p>You have been logged out.</p>';
}
else{
//if they weren't logged in but came to this page somehow
echo '<p>You were not logged in, and so have not been logged out.</p>';
}
?>
<p><a href="authmain.php">Back to Home Page</a></p>
</body>
</html>
</DOCTYPE>