- You are not logged in. | Login
January 22, 2007 12:42 pm
- franzkafka
- Member
Session adding
Help me, please! I need to insert a session with login and password into the script given to evade repeated writing of login and password when crossing to other pages of the server.
PHP Code
<?
$auth = false;
$handle = fopen("./include/database.dat","r");
while ($data = fgetcsv ($handle, 1000, "|")) {
if ($data['0'] == $_POST['login'] && $data['1'] == $_POST['password']) {
echo "You are authorized: <b>";
echo $data['0'];
echo "</b>. <a href=\"./?id=logout\">Logout </a>.";
break;
} else {
echo "<form action=\"./?id=";
echo $_GET['id'];
echo "\" method=\"POST\"><input type=\"text\" name=\"login\"
value=\"Login\"> <input type=\"password\" name=\"password\" value=\"Password\"> <input type=\"submit\" value=\"Enter\" class=\"submit\"></form></td><td align=\"right\" vAlign=\"center\" bgcolor=\"#000000\" width=\"60\"><a href=\"./?id=registration\">Registration</a></td>";
}
}
fclose ($handle);
?>
January 22, 2007 12:45 pm
- PHPprof
- Member
Re: Session adding
It can be something like this:
PHP Code
<?
session_start();
$auth = false;
$handle = fopen("./include/database.dat","r");
while ($data = fgetcsv ($handle, 1000, "|")) {
if(isset($_SESSION['login'])){
echo "You are already authorized ";
}else{
if ($data['0'] == $_POST['login'] && $data['1'] == $_POST['password']) {
session_register('login');
$_SESSION['login'] = $_POST['login'];
echo "You are authorized: <b>";
echo $data['0'];
echo "</b>. <a href=\"./?id=logout\">Logout </a>.";
break;
} else {
echo "<form action=\"./?id=";
echo $_GET['id'];
echo "\" method=\"POST\"><input type=\"text\" name=\"login\" value=\"Login\"> <input type=\"password\" name=\"password\" value=\"Password\"> <input type=\"submit\" value=\"Enter\" class=\"submit\"></form></td><td align=\"right\" vAlign=\"center\" bgcolor=\"#000000\" width=\"60\"><a href=\"./?id=registration\">Registration</a></td>";
}
}
}
fclose ($handle);
?>I'll come to win... wait...
January 22, 2007 12:47 pm
- PHPprof
- Member
Re: Session adding
Record hash into a file and then compare hash from the file and coded variable $_POST['password']
I'll come to win... wait...
January 22, 2007 1:07 pm
- franzkafka
- Member
Re: Session adding
I’ve done everything. Thank you! And the last question: how is it possible to do in this script so that all the symbols were read from file, not only 1000?
January 22, 2007 1:14 pm
- franzkafka
- Member
Re: Session adding
I don’t understand. It is example with 1000 everywhere. I’ve tried like this – it reads nothing:
PHP Code
$handle = fopen("./include/database.dat","r");
$file = count("$handle");
while ($data = fgetcsv ($handle, $file, "|")) {
January 22, 2007 1:22 pm
- PHPprof
- Member
Re: Session adding
No, you can do like this:
PHP Code
$size = filesize("path to file ");
while ($data = fgetcsv ($handle, $size, "|")) {I'll come to win... wait...
January 22, 2007 1:27 pm
- franzkafka
- Member
Re: Session adding
Ok, this can be helped. And how to do a safety code on a site? And another two questions. Data are transmitted from a form, PHP-script handles them and records into file if everything is correct. I’ve written verification for e-mail, password and so on but I don’t know how to do a user’s login verification if it already exists in the file. I think I should open users’ file and compare massive of file data[0] with the login input.
And one more question: I’d like my login to consist of numbers and Latin letters. How can I make it contain 3 symbols minimum?
January 22, 2007 1:34 pm
- phppat
- Member
Re: Session adding
The answer to your first question is: you should save logins in base. It makes everything easier.
And about your second question. Here is assertion against numbers and Latin letters:
if (preg_match("/^([a-z0-9]+)$/i", $pwd) == 1){}
You may also use PEAR QuickForms with integrated rules and besides that there is also verification for valid e-mail and so on.
PHP monster
