PHP Forum

**whoisit** · 02-21-2008, 03:40 AM

Hi Everybody,

You will tell from the following that I've only just started PHP.
What I want is a simple login for about 10 members, security is not the issue
Here is part of my htm.
<form method="post" action="process.php" name="userID" >
<input type="hidden" name="env_report" value="REMOTE_HOST,REMOTE_ADDR,HTTP_USER_AGENT,AUT H_TYPE,REMOTE_USER">

<input name="user" type="text" />
<input type="submit" name="send" value="Submit" />

Here is my php bit
<?php
$user = $_POST['user'];
switch ($user){
case "user1":
break;
case "user2":
break;
case "user3":
break;
default:
echo "username not recognised";
break;
}
echo "Hi ". $user . ".<br />";
echo "Go to page 2";
?>

The idea is it checks the switch statement if it finds a match it shows the Hi user with a link to got go to page 2.

My questions are
1) How do I make the link work?
<a href="http://www.mysite.page2.htm"> Page2</a>

and how do I place the information from the form into a log file *.txt?

Thanks for looking

**king601** · 02-21-2008, 12:17 PM

I find if I need to make something like this I could do it much easier with MySQL... As that code is pretty confusing at first glance...

**capetek** · 02-21-2008, 12:25 PM

dont say hi to the user on this page, save for the next page just do

Quote:

header("location: page2.php");

inside the successfull case

**whoisit** · 02-21-2008, 04:57 PM

Ok tried this but still not working?
Below is the code and the error
<html><body>
<?php
$user = $_POST['user'];
switch ($user){
case "Joe":
$msg=$user
header ("Location: vote_page.php?$msg=$msg");
break;
case "Jack":
$msg=$user
header ("Location:vote_page.php?$msg=$msg");
break;
case "Jim":
$msg=$user
header ("Location: vote_page.php?$msg=$msg");
break;
default:
echo "username not recognised";
break;
}

?>
</body></html>

Parse error: syntax error, unexpected T_STRING in /home/sites/poem-n-verse.co.uk/public_html/votes/process.php on line 8

**capetek** · 02-21-2008, 05:32 PM

u forgot some ;

PHP Code:


			
<?php

$user = $_POST['user'];

switch ($user){

case "Joe":

$msg = $user;

header ("Location: vote_page.php?msg=$msg");

break;

case "Jack":

$msg = $user;

header ("Location: vote_page.php?msg=$msg");

break;

case "Jim":

$msg = $user;

header ("Location: vote_page.php?msg=$msg");

break;

default:

echo "username not recognised";

break;

}



?>

**mtishetsky** · 02-22-2008, 02:42 AM

The most simple login system is apache basic auth mechanism.

And you'd better store your users in a DB or file instead of switch.

And also your code is redundant. You don't really have to assign $user to $msg and you should not have separate header() in each case.

And what if I go directly to the page 2?

Very poor.

**whoisit** · 02-22-2008, 04:59 AM

mtishetsky, thanks for your help after two days of looking around the web, following what are now clearly useless scripts, it's nice to know there is someone who is always willing to let you know that your code is poor, with out actually offering any clear and understandable example to help you understand the language a little easier.

Capetek, thanks for your support, shame it's so poor. (mtishetsky words not mine)

**dman_2007** · 02-22-2008, 08:17 AM

Ok, here's how you do it :

PHP Code:


			
<?php

  session_start();

  

  $user = trim($_POST['user']);

  $env  = $_POST['env']  

  

  switch ($user)

  {

    case "Joe":

    case "Jack":

    case "Jim":

      $_SESSION['logged_in'] = true;

      $_SESSION['username'] = $user;

      /* replace $file_with_path with actual log file fully qualified with file path and

         writeable by the server */

      log_user_login($file_with_path, $user, $env); 

      header ("Location: vote_page.php");

      break;

    default:

      echo "username not recognised";

      break;

  }

 

  function log_user_login($file_with_path, $user, $env)

  {

    $fh = fopen($file_with_path, 'a');

    fwrite($fh, $user . ',' . $env . "\n");

    fclose($fh); 

  }

?>

Use $_SESSION['username'] to customise the vote_page.php based on the username. Put this code at the start of the vote_page.php :

PHP Code:


			
<?php

  session_start();

  

  if(!array_key_exists('logged_in', $_SESSION))

  {

    header('Location: login.php');

  } 

?>

Also, i haven't tested this code, if it gives you any error on running, let me know, i'll remove it.

**whoisit** · 02-23-2008, 04:33 AM

Hi Dman
Thanks for the reply and example.
I placed this at the top to save typing it every time it's needed.

$path = http://79.170.40.35/poem-n-verse.co.uk/logfiles/';

but it's obviously not right as I get an error, how should this be written to make it work?

**Gilligan** · 02-23-2008, 06:21 AM

In a new file? use includes.

PHP Code:


			
<?php 

include ('http://79.170.40.35/poem-n-verse.co.uk/logfiles/');

?>

**dman_2007** · 02-23-2008, 09:25 AM

Quote:

Originally Posted by whoisit

Hi Dman
Thanks for the reply and example.
I placed this at the top to save typing it every time it's needed.

$path = http://79.170.40.35/poem-n-verse.co.uk/logfiles/';

but it's obviously not right as I get an error, how should this be written to make it work?

I am assuming that by $path you mean $file_with_path.

This should be :

// if you're on a *nix based server
$file_to_path = '/var/log/user_login_log.txt';

replace the above path with the path to your log file and log file should have appropriate permissions so that it is writable by the server. And you don't need to put it at the top of all pages just put it at the top the page which proccesses the login.

**whoisit** · 02-23-2008, 12:42 PM

Hi Dman,
Still got problems, below is error
Parse error: syntax error, unexpected T_SWITCH in /home/sites/poem-n-verse.co.uk/public_html/logit.php on line 7

Line 7 is switch ($user)

here is what I have now

Code:

<?php
  session_start();
  $file_to_path = '/var/logfiles/user_login_log.txt';
  $user = trim($_POST['user']);
  $env  = $_POST['env']

  switch ($user)
  {
    case "Joe":
    case "Jack":
    case "Jim":

Here's the form

Code:

<form method="post" action="logit.php" name="userID" >
<input type="hidden" name="env_report" value="REMOTE_HOST,REMOTE_ADDR,HTTP_USER_AGENT,AUT H_TYPE,REMOTE_USER">
<h4>Please type your UserName:</h4></font>
</td>
</tr>
<tr>
<td align ="center" bordercolor="#000000">
<input name="user" type="text" />
</td>
</tr>

**mgraphic** · 01:31 PM

I don't think there can be a space between switch and (). Try:

switch($user)

Also be sure to close the end of the switch construct with an ending }

**whoisit** · 02-23-2008, 06:01 PM

Hi Mgraphic
Thanks for the advice, but still no luck?

**dman_2007** · 11:59 PM

Sorry, forgot to add semicolon after $_POST['env'], should've tested before posting. Anyway, i am attaching a tested and working example, see if it works for you. You can see it in action here

**whoisit** · 02-24-2008, 04:42 AM

Thanks Dman for the trouble you went to in helping me with this script.
It now works, Yippee!!
Don't understand all of the script yet, but I will.

I would like to step it up by adding a password, not placing the password in the log file, just having the user enter a name and password.

This is only used about once a month by 10 members.

If you could point me in the right direction it would be a big help ( not that you haven't already been a big help

)

**dman_2007** · 02-24-2008, 10:05 PM

Add a password field to the html form, then add if/else statement to each case, if the submitted password doesn't match the user's password set $show_error = 1, and break out of switch statement, otherwise perform all the actions we are performing in the current script on a successful login.

**whoisit** · 11:19 AM

Hi Dman
Thanks for the reply, tried this but keep getting invalid login?

Code:

switch ($user)
     {
      case "joe":
      if ($pass !=  "abc");
      $show_error = 1;
      break;
      case "jim":
      if ($pass !=  "lmn");
      $show_error = 1;
      break;
      case "jack":
      if ($pass != "xyz");
      $show_error = 1;
      break;

**Cybergod** · 02-25-2008, 11:47 AM

Tried it ,working good

**whoisit** · 02-25-2008, 12:14 PM

Cybergod, glad it's working for you, it's not for me?

Here is the full code and the form that calls it something must be wrong somewhere?

Code:

<?php

  if(array_key_exists('submit', $_POST))
  {
    session_start();

    $user = strtolower(trim($_POST['username']));
    $pass  = $_POST['password'];
    $env  = $_POST['env_report'];

    switch ($user)
     {
      case "joe":
      if ($pass !=  "abc");
      $show_error = 1;
      break;
      case "jim":
      if ($pass !=  "lmn");
      $show_error = 1;
      break;
      case "jack":
      if ($pass != "xyz");
      $show_error = 1;
      break;
    }
  }

  function log_user_login($file_with_path, $user, $env)
  {
    $fh = fopen($file_with_path, 'a');
    fwrite($fh, $user . ',' . $env . "\n");
    fclose($fh);
  }
?>

Code:

<form action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method="post" name="login_form" id="login_form">
    <?php if(isset($show_error)) { ?>
         Error : Invalid

    <?php } ?>
    <input type="hidden" name="env_report" value="<?php echo $_SERVER['REMOTE_ADDR'],",",$_SERVER['HTTP_USER_AGENT']; ?>">
      <label for="username">Login</label>
      </td></tr>
      <tr><td align ="center" bordercolor="#000000">
      UserName:
      <input type="text" name="username" id="username" size="20" />
      </td></tr>
      <tr>
      <td align ="center" bordercolor="#000000">
      Password: &nbsp;
      <input type="password" name="password" id="password" /><br />
      </td>
      </tr>
       <tr><td>
      <input type="submit" name="submit" id="submit" class="mybutton" value="Submit" />
      </td></tr>
      </table>
  </form>