Hi I have a login script that lets me login, but what i want is a login script where i can define more than 1 person. This is what I have, and if somebody is able to fill in the blanks if possible as to what I need to have more than 1 person being assigned to logon? And the above clipping of my code works perfectly, so another words, i'm say user 'ABC' with pwd '123', and what I want is another user say 'DEF' with pwd '456'. I also tried this too: And what happened is it would let me login with abc-123, def-456, abc-456, def-123 - so that shot that theory out the door for me Any help is appreciated!
if ( ($_POST['username'] == 'abc' && $_POST['password'] == '123') || ($_POST['username'] =='def' && $_POST['password'] == '456')) { // login success PHP: Why you are checking login pass in if else? Why you are not using database for this?
If you can use any databese USE IT, if you can't try something like this: $my_users = array( 'usr1' => 'pass1', 'usr2' => 'pass2', 'usr3' => 'pass3', ); if ($_POST['login_button_pressed']) { foreach ($my_users as $usr=>$psw) { if ($_POST['username'] == $usr && $_POST['password'] == $psw) { $_SESSION['logged_in'] = true; break; } } } PHP:
<?php session_start(); $username = array("abc","def"); $pass = array(123,345); if (isset($_POST['username'])) { if (in_array($_POST['username'],$username)) { $position = array_search($_POST['username'],$username); if ($password[$position] == $_POST['password']) { $_SESSION['logged_in'] = 'true'; } else { $errmsg="Incorrect Log In details, please try again!"; } } } if (! (isset($_SESSION['logged_in']) && $_SESSION['logged_in'] == 'true') ) { echo ' and then the page display and what not is past this point... PHP: you should do this tho, you should keep the passwds in the database. try to encrypt them too.
Thankyou, that worked perfectly! As for the first question, i'm sorry, i'm still learning and the code I was using was a snippet with abit of editing on my behalf to try things out! As for the second question, how could I set it up to use login data from a database? (as I mentioned, im still learning and trying to understand all of these terminologies)
Don't waste your time in forums and money in buying books. Best source to learn PHP is http://www.w3schools.com/php/php_intro.asp
BT One thing you must understand is that php scripts are executed on server side, not inside the browser. (just mention this as it has tackled me many times) To use a (MySQL) database for login, its not too hard to do. in your form action file if (isset($_POST['txtUsername']) && isset($_POST['txtPassword'])) { $username=$_POST['txtUsername']; $password=$_POST['txtPassword']; $loginresult = dologin($username,$password); switch($loginresult) { // handle login result if you like (login failures) } } else { // handle if username / password not set } Code (markup): Here code for the dologin function function dologin($username,$password) { global $db_hostname; global $db_database; global $db_username; global $db_password; $webdatabase = mysql_connect($db_hostname, $db_username, $db_password) or trigger_error(mysql_error(),E_USER_ERROR); $database = mysql_select_db($db_database, $webdatabase) or trigger_error(mysql_error(),E_USER_ERROR); $strquery = sprintf("SELECT username,password,accountactive FROM web_login WHERE username = '%s'",mysql_real_escape_string($username)); $result = mysql_query($strquery,$webdatabase); // Check result // This shows the actual query sent to MySQL, and the error. Useful for debugging. if (!$result) { $message = 'Invalid query: ' . mysql_error() . "\n"; $message .= 'Whole query: ' . $strquery; echo($message); return 3; } // Use result // Attempting to print $result won't allow access to information in the resource // One of the mysql result functions must be used // See also mysql_result(), mysql_fetch_array(), mysql_fetch_row(), etc. while ($row = mysql_fetch_assoc($result)) { if (($row['username'] == $username) && ($row['password'] == md5($password)) && ($row['accountactive'] == TRUE)) { return 0; } else { return 1; } } return 2; } Code (markup): Note that I store the passwords as md5 hash that's why there is a md5($password) You must still use this with sessions etc, but hope it gives an idea about how to match login information with usernames in a database
Thanks for your assistance guys/gals, very much appreciated. I'll keep the mysql idea for my next project that is coming up, although I do have another query regarding this current script help. What I want is say for user 'abc' to access say links 1,2,3 once logged in, but say user 'def' to access links 1 & 3 only once logged in. So is it possible in the user details to say assign a number or something, then later on in the page to use a php that if this user is logged on and has these numbers, can view these links? (i hope this makes sense) Thankyou
yes, thats called permission. you can set up a menu that only viewable for certain type of people with certain type of permissions. something like this <ul> <li><a href="home.php">Home</a></li> <?php if($_SESSION['permission'] == 2) { echo "<li><a href=\"adduser.php\">Add User</a></li>": } ?> </ul> PHP: where Home link is visible to all users but link Add User is only visible to user with permission value 2
Okie dokie, that part I understand thankyou for posting, but the 2nd part i'm still fiddling with and not succeeding is where abouts am i assigning the permission to where the user is? I've tried putting the permission with user 'abc', but obviously am doing it incorrectly as it is not even allowing me to logon, but allows user def to log on and not display that additional link. As I said, im still learning, and am having great difficulty. Thankyou