[PHP][FORM]Login

So you want to create a basic Html,Php login without SQL, but no really sure how? Well this is how :D
First we need to make the html form...

PHP Code:

<?php $username = $_POST['name']; $password = $_POST['password']; if(isset($_POST['submit'])) { if( $username == hotelunder ) { if ( $password == 123456 ) { echo "welcome Hotelunder"; } else { echo "wrong password"; } } else if ( $username == mental ) { if ( $password == 123456 ) { echo "welcome God"; } else { echo "wrong password"; } } else { echo "welcome guest"; } // rest of code } else { ?> <form method="post" action="<? echo $_SERVER['PHP_SELF']; ?>"> Name: <input type="text" size="10" maxlength="40" name="name"> <br /> Password: <input type="password" size="10" maxlength="10" name="password"> <input name="submit" type="submit" value="Login"> </form> <?php } ?>

Re: [PHP][FORM]Login

Nice and everything, but why wouldn't you grab data from a database? Instead of putting the information in the PHP form?

Here's what I use:

PHP Code:

<?php // Connects to your Database mysql_connect("localhost", "root", "") or die(mysql_error()); mysql_select_db("cms") or die(mysql_error()); //Checks if there is a login cookie if(isset($_COOKIE['ID_my_site'])) //if there is, it logs you in and directes you to the members page { $username = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if ($pass != $info['password']) { } else { header("Location: members.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // makes sure they filled it in if(!$_POST['username'] | !$_POST['pass']) { die('You did not fill in a required field.'); } // checks it against the database if (!get_magic_quotes_gpc()) { $_POST['email'] = addslashes($_POST['email']); } $check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database. <a href=add.php>Click Here to Register</a>'); } while($info = mysql_fetch_array( $check )) { $_POST['pass'] = stripslashes($_POST['pass']); $info['password'] = stripslashes($info['password']); $_POST['pass'] = md5($_POST['pass']); //gives error if the password is wrong if ($_POST['pass'] != $info['password']) { die('Incorrect password, please try again.'); } else { // if login is ok then we add a cookie $_POST['username'] = stripslashes($_POST['username']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['username'], $hour); setcookie(Key_my_site, $_POST['pass'], $hour); //then redirect them to the members area header("Location: members.php"); } } } else { // if they are not logged in ?> <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> <table border="0"> <tr><td colspan=2><h1>Login</h1></td></tr> <tr><td>Username:</td><td> <input type="text" name="username" maxlength="40"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="pass" maxlength="50"> </td></tr> <tr><td colspan="2" align="right"> <input type="submit" name="submit" value="Login"> </td></tr> </table> </form> <?php } ?>

Re: [PHP][FORM]Login

Try and use correct indenting, you and Aaron, and if you want to check for a string then do "string"!
I see you do "if ($cond == mental)" or something, but you NEED TO MAKE "mental" a string!

This is correct:

PHP Code:

<?php $username = $_POST['name']; $password = $_POST['password']; if (isset($_POST['submit'])) { if ($username == "hotelunder") { if ($password == "123456") { echo "Welcome Hotelunder"; } else { echo "Wrong Password"; } } elseif ($username == "mental") { if ($password == "123456") { echo "Welcome God"; } else { echo "Wrong Password"; } } else { echo "Welcome Guest"; } } else { ?> <form method="post" action="<?=$_SERVER['PHP_SELF'];?>"> Name: <input type="text" size="10" maxlength="40" name="name"><br /> Password: <input type="password" size="10" maxlength="10" name="password"> <input name="submit" type="submit" value="Login"> </form> <?php } ?>

And, why not try making a tut that uses like FlatFile/INI's, for the people that don't have DB's.

Re: [PHP][FORM]Login

will do :D

Quote:

Originally Posted by EliteGM

Try and use correct indenting, you and Aaron, and if you want to check for a string then do "string"!
I see you do "if ($cond == mental)" or something, but you NEED TO MAKE "mental" a string!

This is correct:

PHP Code:

<?php $username = $_POST['name']; $password = $_POST['password']; if (isset($_POST['submit'])) { if ($username == "hotelunder") { if ($password == "123456") { echo "Welcome Hotelunder"; } else { echo "Wrong Password"; } } elseif ($username == "mental") { if ($password == "123456") { echo "Welcome God"; } else { echo "Wrong Password"; } } else { echo "Welcome Guest"; } } else { ?> <form method="post" action="<?=$_SERVER['PHP_SELF'];?>"> Name: <input type="text" size="10" maxlength="40" name="name"><br /> Password: <input type="password" size="10" maxlength="10" name="password"> <input name="submit" type="submit" value="Login"> </form> <?php } ?>

And, why not try making a tut that uses like FlatFile/INI's, for the people that don't have DB's.

Re: [PHP][FORM]Login

*COUGH* mysql injection *COUGH*

Re: [PHP][FORM]Login

yea its better to use mysql in a login script so it makes it easier to do.

Re: [PHP][FORM]Login

Too many lines imo!
Better be like this:

PHP Code:

<?php $username = $_POST['name']; $password = $_POST['password']; if (isset($_POST['submit'])) { if ($username == "hotelunder" || $password == "123456") { echo "Welcome Hotelunder"; } else { die("Wrong username or password!"); } elseif ($username == "mental" || $password == "123456") { echo "Welcome God"; } else { die("Wrong username or password!"); } } else { echo "Welcome Guest"; } } else { ?> <form method="post" action="<?=$_SERVER['PHP_SELF'];?>"> Name: <input type="text" size="10" maxlength="40" name="name"><br /> Password: <input type="password" size="10" maxlength="10" name="password"> <input name="submit" type="submit" value="Login"> </form> <?php } ?>

Easier to use $data = "data" || $data2 = "data" then the way you did it lol

Re: [PHP][FORM]Login

Quote:

Originally Posted by Sparkly

Too many lines imo!
Better be like this:

PHP Code:

<?php $username = $_POST['name']; $password = $_POST['password']; if (isset($_POST['submit'])) { if ($username == "hotelunder" || $password == "123456") { echo "Welcome Hotelunder"; } else { die("Wrong username or password!"); } elseif ($username == "mental" || $password == "123456") { echo "Welcome God"; } else { die("Wrong username or password!"); } } else { echo "Welcome Guest"; } } else { ?> <form method="post" action="<?=$_SERVER['PHP_SELF'];?>"> Name: <input type="text" size="10" maxlength="40" name="name"><br /> Password: <input type="password" size="10" maxlength="10" name="password"> <input name="submit" type="submit" value="Login"> </form> <?php } ?>

Easier to use $data = "data" || $data2 = "data" then the way you did it lol

this wont work...
Use the correct indentation to see why, also, it should be &&(and) not ||(or) and if first user/pass is wrong, the else should be a elseif and the last else would be "die("Wrong username or password!");".