Simple PHP Login Problem

mccrum

mccrum

mccrum

Associate
Joined
25 Oct 2007
Posts
114
Location
Belfast
I made a simple PHP login form that uses only 1 username and password to login. If I currently type in the correct username and password it displays "LOGIN SUCCESSFUL" and shows a link to the admin page but I would like to include the admin page within the php file. Below is the code I have used, hope you can help.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head>
<title>Energy Saving › Admin Log In</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link rel='stylesheet' href='login.css' type='text/css' media='all' />
</head>

<div class="container">
<div id="header"></div>

<body class="login">
<div id="login">

<h1><a href="login.html">Energy Saving Logo</a></h1>

<?php

$loginname = "admin";
$loginpassword = "password";

if ($_POST['text'] != $loginname || $_POST['password'] != $loginpassword) {

?>

<div id="login_error"> <strong>ERROR</strong>: Incorrect Username or Password.<br /></div>

<?php

}
else {

?>

<div id="login_sucess"> <strong>LOGIN SUCCESSFUL</strong>: <a href="login.html">Click here</a> to continue.</div>

<?php

}

?>



<form name="login" id="loginform" action="login.php" method="post">
<p>
<label>Username:<br />
<input type="text" name="text" id="user_login" class="input" value="" size="20" tabindex="10" /></label>
</p>
<p>
<label>Password:<br />
<input type="password" name="password" id="user_pass" class="input" value="" size="20" tabindex="20" /></label>
</p>
<p class="submit">
<input type="submit" name="submit" id="submit" value="Log In" tabindex="100" />
</p>
</form>
</div>

</body>
</html>
Click to expand...
 
you could either use
Code: 
header("Location: admin.php");
to redirect to the admin page after the login

or

encapsulate the admin page within a function like so:

Code: 
function admin_page(){
?>
html code goes here
<?php
}

then call that function after login like so:
Code: 
admin_page();
 
#2

Ok I think I have it working now, the only problem is I can not get the error to show up if you enter the wrong username or password. I would like the same error box to show up as I had in the first set of code I posted, here is my new code without the error, currently it just reloads the login form if you enter a wrong username/password:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head>
<title>Energy Saving › Admin Log In</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link rel='stylesheet' href='login.css' type='text/css' media='all' />
</head>

<div class="container">
<div id="header"></div>

<body class="login">
<div id="login">

<h1><a href="login.html">Energy Saving Logo</a></h1>


<?php



// Define your username and password

$username = "admin";

$password = "password";



if ($_POST['txtUsername'] != $username || $_POST['txtPassword'] != $password) {



?>


<form name="login" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">

<label>Username:<br />
<input type="text" name="txtUsername" id="user_login" class="input" value="" size="20" tabindex="10" /></label>
</p>
<p>
<label>Password:<br />
<input type="password" name="txtPassword" id="user_pass" class="input" value="" size="20" tabindex="20" /></label>
</p>
<p class="submit">
<input type="submit" name="submit" id="submit" value="Login" tabindex="100" />
</p>
</form>
</div>



<?php



}

else {



?>



<p>This is the protected page. Your private content goes here.</p>



<?php



}



?>
Click to expand...
 
personally I'd reverse your if logic, so that you have
PHP: 
if($password == $_POST['password'] && $username == $_POST['username'])
As I can't see anything that would actually go wrong with your logic but having your authenticated stuff in an else{} just rankles :p
 
Code: 
if ($_POST['txtUsername'] != $username || $_POST['txtPassword'] != $password) 
{

	echo "
	<form name="login" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">

	<label>Username:<br />
	<input type="text" name="txtUsername" id="user_login" class="input" value="" size="20" tabindex="10" /></label>
	</p>
	<p>
	<label>Password:<br />
	<input type="password" name="txtPassword" id="user_pass" class="input" value="" size="20" tabindex="20" /></label>
	</p>
	<p class="submit">
	<input type="submit" name="submit" id="submit" value="Login" tabindex="100" />
	</p>
	</form>
	</div>";

}

else 
{
	echo "<p>This is the protected page. Your private content goes here.</p>";
}



?>

echo?
 
BluZiff said:
Code: 
if ($_POST['txtUsername'] != $username || $_POST['txtPassword'] != $password) 
{

	echo "
	<form name="login" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">

	<label>Username:<br />
	<input type="text" name="txtUsername" id="user_login" class="input" value="" size="20" tabindex="10" /></label>
	</p>
	<p>
	<label>Password:<br />
	<input type="password" name="txtPassword" id="user_pass" class="input" value="" size="20" tabindex="20" /></label>
	</p>
	<p class="submit">
	<input type="submit" name="submit" id="submit" value="Login" tabindex="100" />
	</p>
	</form>
	</div>";

}

else 
{
	echo "<p>This is the protected page. Your private content goes here.</p>";
}



?>

echo?
Click to expand...
You'd need to swap all the html element property quotes to single quotes for a start, not to mention fix the variables.
Plus there's no real advantage to doing it that way as far as I know and it's a bit of a PITA to maintain.
 
You must log in or register to reply here.
Back
Top Bottom