So what's wrong with these?

Space Goat · 06-07-2004, 05:21 AM

I've been trying my hand at PHP coding lately, with marginal success. But, I've yet to get working any login system beyond a simple form that doesn't send cookies, so it hasn't the convenience of autologin.

Here's my attempt at a login form that uses cookies. Can anyone tell me what might be wrong with it? All this form will do, is reload itself in its default state when the submit button is pressed.

I'm not an experienced scripter, so I'm probably missing something...

PHP Code:

  <?php
  if (isset ($_POST['submit'])) {
      if (empty ($_POST['username'])) {
          $u = FALSE;
          $message .= "<p>Enter a username, or thou shalt not pass...</p>";
      } else {
          $u = $_POST['username'];
      }
      
      if (empty ($_POST['password'])) {
          $p = FALSE;
          $message .= "<p>Enter a password, or thou shalt not pass...</p>";
      } else {
          $p = $_POST['password'];
      }
      
      $ujuser = "user";
      $ujpass = "password";
      
      if ($u && $p) {
          if ( $u != $ujuser || $p != $ujpass ) {
             $message = "<p>The username and password you entered are not correct.";
          } else {
              setcookie ('username', '$u', time()+10000000, '/');
              setcookie ('password', '$p', time()+10000000, '/');
             header ('Location: http://'.$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']).'/newsform.php');
          }
          
      } else {
          $message .= "<p>Please try again.</p>";
      }
  }
  
  require 'header.php';
  ?>
  <table class="sidemove" border="0" width="990" height="380" id="table2" cellpadding="0" cellspacing="0">
      <tr>
          <td class="side" width="146" valign="top">
  <?php
  require 'navigation.htm';
  ?>
          </td>
          <td class="stripbg" width="10">&nbsp;</td>
          <td valign="top">
          <div class="pagemove">
  <p class="title">Please Login</p>
  <?php
  if (isset ($message)) {
      print "$message";
  }
  ?>
  <form name="form" method="post" action="newslogin.php">
  <p>Username: <input type="text" name="username" /></p>
  <p>Password: <input type="password" name="password" /></p>
  <input type="submit" value="Login" />
  </form>
  </div></td>
      </tr>
  </table>
  <table class="sidemove" border="0" width="990" id="table5" cellspacing="0" cellpadding="0">
      <tr>
         <td class="stripbg"><p class="copyright">Web design and original graphic design by <b>[UJ]Space Goat</b></p></td>
      </tr>
  </table>
  
  </body>
  
  </html>

(Obviously, the username and password aren't "user" and "password."

)

I also tried HTTP authentication, too. The results were just as dismal; the popup window wouldn't accept input, it just reloaded with blank fields.

PHP Code:

  <?php
  
  $authorized = FALSE;
  $username = "user";
  $password = "password";
  
  if ($_SERVER['PHP_AUTH_USER'] == $username || $_SERVER['PHP_AUTH_PW'] == $password) {
      $authorized = TRUE;
  }    
  
  if (!$authorized) {
      header('WWW-Authenticate: Basic realm="UJ Restricted"');
      header('HTTP/1.0 401 Unauthorized');
  }
  ?>

(Yes, the server is an Apache server, so it should support PHP use of HTTP authentication.)

Does anyone have any ideas?

Arik · 06-07-2004, 11:39 AM

In the first one, the mistake keeping it from working is the fact that you've got an HTML error, not a PHP one.

<input type="submit" value="Login" />

Your submit button needs a name:

<input type="submit" value="Login" name="submit" />

You've also got a problem with your setcookie functions.

setcookie ('username', '$u', time()+10000000, '/');

The single quote doesn't interpret variables, so in this instance you're not setting the cookie to the value of $u, you're actually setting it to the two characters.

I didn't get a chance to look at your HTTP authentication one yet, and I've got to start my day.

I'll try later this evening.

BTW, what are you using to learn PHP?

Space Goat · 06-11-2004, 10:01 PM

Quote:

Arik Peterson stopped drinking long enough to mumble

In the first one, the mistake keeping it from working is the fact that you've got an HTML error, not a PHP one.

<input type="submit" value="Login" />

Your submit button needs a name:

<input type="submit" value="Login" name="submit" />

You've also got a problem with your setcookie functions.

setcookie ('username', '$u', time()+10000000, '/');

The single quote doesn't interpret variables, so in this instance you're not setting the cookie to the value of $u, you're actually setting it to the two characters.

I didn't get a chance to look at your HTTP authentication one yet, and I've got to start my day.

I'll try later this evening.

BTW, what are you using to learn PHP?

Thanks.

LOL, I can't believe I made that elementary single quote mistake. That's what I get for rushing.

As for the submit button issue, I think I used Dreamweaver to set up the submit button, I'm not sure.

To learn PHP, I've been using PHP for the World Wide Web, 2nd Edition, and PHP and MySQL, both Visual QuickStart Guides by Larry Ullman. The mistakes I made are mine, though, not his.

Thanks again.

06-07-2004, 05:21 AM	#1 (permalink)
Space Goat "It's a faaaake!" Join Date: Jan 1970 Location: Washington, D.C. Posts: 432	So what's wrong with these? I've been trying my hand at PHP coding lately, with marginal success. But, I've yet to get working any login system beyond a simple form that doesn't send cookies, so it hasn't the convenience of autologin. Here's my attempt at a login form that uses cookies. Can anyone tell me what might be wrong with it? All this form will do, is reload itself in its default state when the submit button is pressed. I'm not an experienced scripter, so I'm probably missing something... PHP Code: <?php if (isset ($_POST['submit'])) { if (empty ($_POST['username'])) { $u = FALSE; $message .= "<p>Enter a username, or thou shalt not pass...</p>"; } else { $u = $_POST['username']; } if (empty ($_POST['password'])) { $p = FALSE; $message .= "<p>Enter a password, or thou shalt not pass...</p>"; } else { $p = $_POST['password']; } $ujuser = "user"; $ujpass = "password"; if ($u && $p) { if ( $u != $ujuser \|\| $p != $ujpass ) { $message = "<p>The username and password you entered are not correct."; } else { setcookie ('username', '$u', time()+10000000, '/'); setcookie ('password', '$p', time()+10000000, '/'); header ('Location: http://'.$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']).'/newsform.php'); } } else { $message .= "<p>Please try again.</p>"; } } require 'header.php'; ?> <table class="sidemove" border="0" width="990" height="380" id="table2" cellpadding="0" cellspacing="0"> <tr> <td class="side" width="146" valign="top"> <?php require 'navigation.htm'; ?> </td> <td class="stripbg" width="10"> </td> <td valign="top"> <div class="pagemove"> <p class="title">Please Login</p> <?php if (isset ($message)) { print "$message"; } ?> <form name="form" method="post" action="newslogin.php"> <p>Username: <input type="text" name="username" /></p> <p>Password: <input type="password" name="password" /></p> <input type="submit" value="Login" /> </form> </div></td> </tr> </table> <table class="sidemove" border="0" width="990" id="table5" cellspacing="0" cellpadding="0"> <tr> <td class="stripbg"><p class="copyright">Web design and original graphic design by <b>[UJ]Space Goat</b></p></td> </tr> </table> </body> </html> (Obviously, the username and password aren't "user" and "password." ) I also tried HTTP authentication, too. The results were just as dismal; the popup window wouldn't accept input, it just reloaded with blank fields. PHP Code: `<?php $authorized = FALSE; $username = "user"; $password = "password"; if ($_SERVER['PHP_AUTH_USER'] == $username \|\| $_SERVER['PHP_AUTH_PW'] == $password) { $authorized = TRUE; } if (!$authorized) { header('WWW-Authenticate: Basic realm="UJ Restricted"'); header('HTTP/1.0 401 Unauthorized'); } ?>` (Yes, the server is an Apache server, so it should support PHP use of HTTP authentication.) Does anyone have any ideas? __________________ "People should not be afraid of their governments. Governments should be afraid of their people." -V for Vendetta "Don't tell me what I can't do!" -John Locke, Lost Visit me on the web: Hypersyllogistic \| Flickr \| Twitter

06-07-2004, 11:39 AM	#2 (permalink)
Arik Astro-Monkey Join Date: Jan 2010 Location: Here, dumbfuck! Posts: 2,304	In the first one, the mistake keeping it from working is the fact that you've got an HTML error, not a PHP one. <input type="submit" value="Login" /> Your submit button needs a name: <input type="submit" value="Login" name="submit" /> You've also got a problem with your setcookie functions. setcookie ('username', '$u', time()+10000000, '/'); The single quote doesn't interpret variables, so in this instance you're not setting the cookie to the value of $u, you're actually setting it to the two characters. I didn't get a chance to look at your HTTP authentication one yet, and I've got to start my day. I'll try later this evening. BTW, what are you using to learn PHP? __________________ The writers of this post apologize for you being too stupid to understand it.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode