Home/ Questions/Q 8376495
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-09T15:26:40+00:00

This is for an assignment, however ive done a lot on my part to

  • 0

This is for an assignment, however ive done a lot on my part to research but i feel like ive reached a wall. I need to create a page where the user can go to sign in (login.php), once they’re signed in they’re redirected to the index page. The link they clicked to login should be replaced with a logout link.

however with all this noted, first things first i do get into the session part and ive echoed the variables and retrieved them however it doesnt do the redirect to the index.php also when i manually click to the index.php after logging the session variables are empty. what am i doing wrong here???

so this is my php code in the login.php

          $found = false;
          //read the read.txt until the end of file
          while(!feof($inputFile) && $found == false)  
          {

            $line = fgets($inputFile);  
            // replace the special charater within the lines by there proper entity code
            $lineArray = preg_split("/\,/", (string)$line);

            if(strcmp($_REQUEST['email'],$lineArray[2])  && strcmp($_REQUEST['pwd'],$lineArray[4]))
            {
                        $found = true;
                        echo "<script>alert(' FOUND!')</script>";
                        session_start();
                        $myuseremail=$_REQUEST['email'];
                        $mypassword= $_REQUEST['pwd'];

                        $_SESSION['login_email']=$myuseremail;
                        $_SESSION['login_pwd']=$mypassword;
                        setcookie("login_email", $_SESSION['login_email'], time()+60*60*24);
                        setcookie("login_pwd", $_SESSION['login_pwd'], time()+60*60*24);
                        header('Location:index.php');
            }
          }
          fclose($inputFile);

and then in my index.php i contain this code before the body of my html 

    <?php

      session_start();
   if(isset($_SESSION['login_email']) && isset($_SESSION['login_pwd']))
   {
    $user_check=true;
    echo $_SESSION['login_email'];
   }
   else
   {
    $user_check=false; 
   }

?>

within the index.php i also have this code lined in for my links 

     <li><a href="index.php">Home</a></li>
 <li><a href="register.php">Register</a></li>

 <?php

if ($user_check){
                 print "<li><a href='logout.php'>Logout</a></li>";
 }
 else{
 print "<li><a href='login.php'>Login</a></li>";
 }
 ?>
            <li><a href="#"> Link 4</a></li>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I found some errors in your code, all coming down to the same point: You cannot send any custom headers after you have began outputting other data.

    Where have you done this?

    Here:

    echo "<script>alert(' FOUND!')</script>";
session_start();//session_start() sends a cookie to the clients machine. 
//How are cookies sent to clients browsers? Through headers.

    And here:

    setcookie("login_email", $_SESSION['login_email'], time()+60*60*24);
setcookie("login_pwd", $_SESSION['login_pwd'], time()+60*60*24);
header('Location:index.php');

    Personally, I think your code is a complete mess. Because I have nothing better to do, I’ll re-write it for you, explaining each step as I go along.

    Let’s begin:

    So the first thing you want to work on is your text file, which stores all the user details.

    Instead of using plain lines or whatever, we should use JSON to split users details, from user to user.

    So here’s what the text file will look like with two users in it:

    {"navnav":{"username":"navnav","pass":"deb1536f480475f7d593219aa1afd74c"},"user2":{"username":"user2","pass":"deb1536f480475f7d593219aa1afd74c"}}

    Notice how I’ve also used the username as keys too and how I’ve hashed the password. So we call this file user.txt and store it somewhere safe.

    Now, for the login page, we shall simply get the data through the POST method, compare it, set sessions and tell the user to go somewhere else (redirect them).

    session_start();//need to start our session first, of course

//check if any login data has been posted our way
if ( isset($_POST['login']) && !empty($_POST['username']) && !empty($_POST['password']) )
{

//assign input data to temp vars
$username = $_POST['username'];
$password = md5($_POST['password']);//notice how I hash the password 

// get the data fro the text file
$userData = file_get_contents('path to your text file');

//decode the json data to an assoc array 
$userData = json_decode( $userData , true );

//check if the user exists
if ( array_key_exists( $username , $userData ) === false )
{

echo 'the username '.$username.' is invalid.';//notify the user
exit();//bye bye

}//end of user does not exist

//so now we know the user name exists (because we've got to this line)
//we shall compare with the password

if ( $userData['$username']['password'] !== $password )
{

echo 'Your password is incorrect';//notify the user
exit();//bye bye


}//end of incorrect password
else
{

//time to set sessions and stuff
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;

//send the redirect header
header('Location: index.php');
exit();

}//end of password is correct


}//end of login data has been sent

    That’s all your login code, but you need your html form setup correctly for the right things to be posted with the right names. So use this html form:

    <form action="login.php" method="post" name="login" target="_self" id="login">
  <p>
    <label for="username">Username</label>
    <input type="text" name="username" id="username" />
  </p>
  <p>
    <label for="password">Password</label>
    <input type="text" name="password" id="password" />
  </p>
</form>

    That’s your login page completely sorted.

    Now for your index.php:

    As you did before, check if the user is logged in and throw the status is in a var:

    session_start();//resume your session (if there is one) or start a new one

//set default user status
$userStatus = false;

if ( isset($_SESSION['username']) && isset($_SESSION['password']) )
{

$userStatus = true;

}//end of user is logged in

    For your HTML login/logout:

    <li><a href="index.php">Home</a></li>
<li><a href="register.php">Register</a></li>

<?php
if ($userStatus === true){
echo "<li><a href='logout.php'>Logout</a></li>";
}
else{
echo "<li><a href='login.php'>Login</a></li>";
}
?>
<li><a href="#"> Link 4</a></li>

    And there you have it.

    Let me know if you have any problems.

    One more thing:

    This is far from secure. Why? You’re using text files, you’re using text files and you’re using text files.

    EDIT:

    To separate the JSON data by user, simply edit the text file manually (see my comment).

    Or you could just paste this into your text file:

    {"navnav":{"username":"navnav","pass":"deb1536f480475f7d593219aa1afd74c"},
"user2":{"username":"user2","pass":"deb1536f480475f7d593219aa1afd74c"}}

    Do you see how there is no \n in the above? Because I just created a new line manually (by just hitting enter). \n will make the JSON code invalid, so that’s why you should avoid it. This method just means if you have to create new users, and you need a new line for each user, then you will have to do it manually.

    • 0