I’m trying to create a very simple login for only one or two users, the username and password are stored in “admin.txt” the text file is formatted like:
username
password
__
I cannot seem to have the username and password register… Thanks for the help!!
// username and password sent from form
$myusername=$_POST['username'];
$mypassword=$_POST['password'];
$sql = fopen("../admin8183/users/admin.txt", "r");
while (!feof($sql)) {
$myusername = fgets($sql);
$mypassword = fgets($sql);
$line = fgets($sql);
$myusername = trim($myusername);
$mypassword = trim($mypassword);
}
// counting rows
$admin=count(file("../admin8183/users/admin.txt"));
if($admin==1){
// Register $myusername, $mypassword and redirect to file "sendmessage.php"
session_register("myusername");
session_register("mypassword");
header("location:sendmessage.php");
}
else {
echo "Wrong Username or Password";
}
p.s. I am sure that there are a few things wrong with my code, and that there are more efficient ways of accomplishing my goal, this is my first stab at creating a login in php…
Thanks for your help!
First, I must say this is the wrong way to acomplish your task, The offer on the comment to use htpasswd is very right.
As for your code:
$myusernamevariable when reading from$_POSTand from the file. You need to use seperate variables and compare then.Update:
Since you can’t use htpasswd, i highly recommend hashing your password. Either if you save it in a file or hardcoded, it is a good practice. As @silky pointed out, sha1/md5 are no better then plain text, so here is an implementation of sha256 for PHP.
Also, don’t save your password/username in the sessoion, as @pygorex1 pointed out, use a different variable for marking the user as logged-in.