I was wondering if there were any ways to do a login system without using a mysql database or table.

if there is, can someone post one up?

There is a very simple way in which you check the username and password agains a hardcoded value

Code:

if($username == "User" & $password == "Pass"){
//set sessions etc here
}

Other than that, there isn't really any other secure way to do so.

Jamie

it doesn't really need to be secure... I just need a login system without using mysql that doesn't look like crap

um...looks have very little to do with authentication systems. Generally you have a form, then a processing page, then a landing page.

The form is basic HTML, the processing page checks the sent values against authorised values (using either sql, flat files or hardcoded methods) and then sets a session saying the user is logged in. The user is then sent to the landing page and any other processing can be done there (extra widgets etc. can be added to the markup)

Jamie

You could have it used the fopen command to open up some file and put in and look for the username and password of users, but of course its extremely insecure.

As far as I'm aware, there wouldn't be a very good way of doing this at all.

THe MySQL DB would store all the username data ect, although, you can do this using a .txt file, but if someone realises that you don't have a MySQL database for this, its easy enough to figure out you're using a .txt file, which they can then open in their browser and get all the usernames and passwors ect.


The only otherway I can think of is using .htaaccess, but this will open a popup box (like when a directory is password protected but requires the admin to make the username).

login.php

PHP Code:

<?php

/**
 * @Author H22CREATIONS
 * @Copyright 2007
 */

session_start();

function logout_link(){//return LogoutLink or nothing
    if ($_SESSION[logged])
        return '<a href="login.php?logout=yes">Logout</a>';
}


function login(){//return LOGINFORM(HTML) , FALSE , 1 or 2
if (!$_SESSION[logged]){//if not logged:
    if (empty($_POST)){//if nothing posted return login form
        return '
        <form method="post" action="login.php">
        Username: <input type="text" name="username" /><br />
        Password<input type="password" name="password" /><br />
        <input type=submit name=submit />
        </form>';
    }// END if
    else{//If something posted 
        $handle=fopen('bd.php','rb');
        fseek($handle, 150);//Ignore first 2 Line
        while (!feof($handle)){//STOP When (EOF reached)
            list($u,$p)=explode("\t",fgets($handle));
            $p=str_replace("\r\n","",$p);
            if (($_POST[username]===$u) && ($_POST[password]===$p)){
                fclose($handle);
                $_SESSION[logged]=TRUE;
                return 1;//USERNAME AND PASSWORD TRUE
            }//END if
        }//END While
    if(!$_SESSION[logged]){
            fclose($handle);
            return FALSE;//Error False username or password
        }//END if
    }
}//if logged
else return 2;//Already logged
}

if ($_GET[logout]){
    $_SESSION[logged]=FALSE;//LOGOUT
}// END if

//SOME TESTS
    echo'<pre>';
    var_dump (login());
    echo logout_link();

bd.php (must be readable by the server CHMOD TO 444 fo maximum security)
VERY IMPORTANT:
DO NOT EDIT THE NAME OF THIS FILE.
DO NOT EDIT THE FIRST 2 LINE.

PHP Code:

<?php /*DO NOT ALLOW ACCESS*/ if (eregi('bd.php',$_SERVER['PHP_SELF'])) exit('Error');?>
[Enter Below Your Logins and Passwords separated by a tab]
user1    pass1
user2    pass2

You can add a .htaccess file with paramaters.

I use a Login Form without DB on sites where only specific selected people enter, for example an Admin Panel for a site of me. They put in the username and password and then i check it with a simple 'if'

explore it with text file

< link drop removed >

First, thanks for the script and the post. I copy and pasted it into the two files and uploaded them into my webserver. Unfortunately it gives me an error every time i try to log in with the usernames and passwords in the bd.php file. Does anybody have an idea where am i mistaking?

shall we guess at the error?

chrishirst, it would be very appreciated.

My guess is Error 10058