hi, i want to create a user login system without database. i want to store the usernames and passwords in a PHP file (validation.php). is this possible?
Assuming you have a config file add the following to it // Users $admin_users = ""; // Usernames, separated by commas $admin_passwords = ""; // Respective passwords, separated by commas PHP: validation.php <?php require_once("config.php"); if (($_POST["username"] != "") || ($_GET["username"] != "")) { $username = $_POST["username"]; $password = $_POST["password"]; $users = explode(",", $admin_users); $passwords = explode(",", $admin_passwords); for ($i = 0; $i < sizeof($users); $i++) { if (($users[$i] == $username) && ($passwords[$i] == $password)) { $successful_login = true; break; } else { $successful_login = false; } } if ($successful_login) { session_start(); $_SESSION["UserID"] = $username; header("Location: index.php"); // set this } else { session_start(); session_destroy(); if ($_GET["username"] == "") { $msg = "Invalid login credentials."; } else { $msg = "Thanks for logging out."; } } } ?> <html> <head> <title>User Login</title> </head> <center> <body> <legend>Verify Your Identity</legend> <form method="post" action="validation.php"> <fieldset> <legend>Please Login</legend> <?php if ($msg != "") { echo "<p>$msg</p>"; } ?> <table> <tr> <td>Username:</td> <td><input type="text" name="username" /> </tr> <tr> <td>Password:</td> <td><input type="password" name="password" /> </tr> </table> <p> <button class="buttonclass" type="submit">Confirm Login</button> </p> </fieldset> </form> </body> </center> </html> PHP: Security related pages should then have the following somewhere near the top: <?php session_start(); if ($_SESSION["UserID"] == "") { header("Location: validation.php"); } ?> PHP: On a side note, pending on where you put these files, you might need to alter the ../paths Also it would be a security risk not to logout on a public PC so place a logout button somewhere on the security related pages. <form method="post" action="validation.php?username=<?php echo $_SESSION["UserID"]; ?>" target="_parent"> <button type="submit">Sign Out</button> </form> PHP: