<?php ?> Sloppy Login Script Sloppy login script, couse i used @ on one string

[matak 2]

Here's a sloppy 3 files login script. First file is Login file that looks like this

 

login.php

<form action="check.php" method="post">Username: <input type="text" name="username1"><br />Password: <input type="password" name="password1"><br /><input type="submit" value="Login"></form>

Basicly that is HTML form that's used for input

 

Second part of the script is the check.php that we call from our login.php form

 

<?php

//array that contains usernames and passwords

$userpass = array ("user1" => "123456");

//script that validates usernames and passwords

if ( array_key_exists($_POST['username1'], $userpass)

&&

$userpass[$_POST['username1']] == $_POST['password1']

)

 

{

session_start();

//part which redirects to page if username and password are correct

$_SESSION['user'] = $_POST['username1'];

$_SESSION['pass'] = $_POST['password1'];

echo "<a href=\"toview.php\">Registered Users Page</a>";

}

else {

//part that redirects to index.php or register.php

echo "Please register!<br />";

echo "<a href=\"login.php\">How to Register</a>";

}

?>

Third part is toview.php, which we are loging in to.

<?php session_start();

 

@$approve = $_SESSION['user'];

 

if ($approve == NULL):

echo "Please register!<br />";

echo "<a href=\"login.php\">How to Register</a>";

else:

 

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://forums.xisto.com/no_longer_exists/;

<html>

<head>

<title></title>

 

</head>

<body>

<?php echo 'Welcome '.$_SESSION['user']; ?>

</body>

</html>

<?php endif; ?>

I call it sloppy couse this @ in code

 

@$approve = $_SESSION['user'];

is used to disable error reporting, which is generated if $approve variable isn't set. That error apears only if user directly tries to reach toview.php part, and if $_SESSION is NULL we don't approve that, and just echo the login PHP part.

 

Hope u find this useful

 

mAtAk

[galexcd 0]

I use @ all the time to keep from error reporting. Sure it's sloppy but nobody will know and the best part is that it works!

[Blessed 0]

Greetingsnice script you have here m8,you can inprove it by adding cooies to it,so it remember the member the next time he is on you page,you can even define the amount of hours of days / weeks he can stay loggedi can help you with that if you want,feel free to pm me :lol:have a nice day

[matak 2]

nice script you have here m8,

you can inprove it by adding cooies to it,

so it remember the member the next time he is on you page,

you can even define the amount of hours of days / weeks he can stay logged

 

i can help you with that if you want,

 

feel free to pm me

 

have a nice day

why PM ?

 

It would be really great to work on it here, so all users can see it. Maybe togeather we could create a good login script. I never used cookies before.

 

Btw, do you know a way to use sessions, so that user doesn't have to turn cookies on. On my localhost i used Session and i don't usualy have cookies allowed, so it didn't work for me until i allowed cookies for localhost.

 

I'm interested in server side sessions, so that session is stored on server instead on your local computer.

 

Do you know how to do it?

 

@alex7h3pr0gr4m3r

 

I heard a lot that using @ means that your' sloppy programmer. But i didn't know how to handle this better (and without using isset )

[galexcd 0]

Well I dont use the $session variable at all. When I make my login scripts I write my own session scripts with it. It may take longer but there is no need for sloppy coding.

[sonesay 7]

Well I dont use the $session variable at all. When I make my login scripts I write my own session scripts with it. It may take longer but there is no need for sloppy coding.

Hi, I just want to ask what do you mean you dont use $session variable at all. do you mean you dont use $_SESSION[''] at all and store the users data by other means? If so could you explain how you do it your way? thanks.

[matak 2]

Hi, I just want to ask what do you mean you dont use $session variable at all. do you mean you dont use $_SESSION[''] at all and store the users data by other means? If so could you explain how you do it your way? thanks.

you don't need to use session if you check for the login in the same file you try to login to.. but that is weird way couse everytime when you try to view that page you would need to reenter your username and password.

and how does alextheprogrammer do that

"Write his own session scripts"

I also want to see an example

[madrasboss 0]

you don't need to use session if you check for the login in the same file you try to login to.. but that is weird way couse everytime when you try to view that page you would need to reenter your username and password.
and how does alextheprogrammer do that

"Write his own session scripts"

I also want to see an example

can that work on any site

[matak 2]

can that work on any site

script on post#1 can work on any PHP driven hosting, such as Xisto

[FLaKes 0]

Yes, +1 to the request of seeing alex7h3pr0gr4m3r's example or an Idea. I probably wont sleep today trying to figure out a way to create a login script that does not use the session variable. Im guessing that maybe the database is used is someway with timestamps or something, but I dont know... He is the programer.

[matak 2]

Yes, +1 to the request of seeing alex7h3pr0gr4m3r's example or an Idea.

using login without sessions, even with database setup, would at least require a cron job, or something...

why alex isn't responding?

[galexcd 0]

using login without sessions, even with database setup, would at least require a cron job, or something...
why alex isn't responding?

Yes yes sorry, I have been busy and haven't really checked back here in a while. Now I probably made it seem a bit more complicated than it actually is. I use a database and you do not need to type in your username and password every time. I find this solution to work quite well, in fact I haven't ever used $_SESSION except when i was first learning php.

I have 2 tables in sql: one is the users table, one is the sessions table. Under users is the name, the encrypted password, ID, etc and under session is the user ID, their IP, and their Session string. When they log in it checks the data against the users table and if it is correct it inserts a new row into sessions with a random session string and the IP they log in with, and sets a cookie with that random session string. Then every page they go to it gets the session from the cookie finds the session row with that ID, checks the IP address against the current one (so somebody cant use a cookie stealer and get into your account), and tells the page which ID you are logged in as. Then the page can look up that ID under the users table and get all the info it needs. I know its a bit more work for something that is quite pointless but I got used to doing it.

[matak 2]

Ah cookies, are almost the same as sessions . You just have to use some way to store information on user computer