Menu
Community /Pin to ProfileBookmark
@NogDogDec 20.2009 — #There is really no reason for two arrays since you already have the user names in the $passwords array:
(Also: don't quote your variable names when using them as an array index.)@NogDogDec 20.2009 — #This checks the user name, since it is the array key in the $passwords array:
In other words, this already has the user name [b]and[/b] password data in it:
So there is really no reason for a second array to duplicate those same user names (it's just one more thing to have to maintain).@NogDogDec 21.2009 — #
Many would argue that that gives too much information to a potential hacker by telling him that he's correctly guessed the user name, so all he has to work on now is the password.
But then we're probably (hopefully?) not looking at a critical, high security site if we're putting the passwords in plain text in the source code, right? ?
Simple PHP Login: Check password for username entered.
I have a simple sticky login form(user name, password, and confirm password) that uses a session; it is for local network use. I have that form input sent to another page that checks if the user name is in one array, and I need it to check the password against the password for the particular user name entered. This instead of just checking against all of the passwords in the second array. Checking the $user_name works fine: but, checking the password for the user name entered is FALSE no matter what I try.
I thought the basic “check” would look something like this after getting the inputs; I just made up the $names, and $passwords, arrays for now:
[CODE]// Get form input
$user_name = trim($_REQUEST[‘user_name’]);
$password = trim($_REQUEST[‘password’]);
$password_one = trim($_REQUEST[‘password_one’]);
// Arrays to check input against
$names = array(‘Ben’, ‘Wess’, ‘Dave’, ‘Robin’, ‘Sarah’);
$passwords = array(‘Ben’=>”argh”, ‘Wess’=>”fffff”, ‘Dave’=>”harry”,
‘Robin’=>”987654321″, ‘Sarah’=>”trueBlue”);
// Check Form Input
if (!empty($user_name) AND in_array($user_name, $names))
{
if (!empty($password) AND !empty($password_one) AND $password==$password_one AND in_array($password, $passwords[‘$user_name’]))
{
print “You have logged in successfully”;
}
I think I’m doing something wrong on this line:
[CODE]AND in_array($password, $passwords[‘$user_name’])
But I’m relatively new to PHP, and I can’t seem to get it working properly.
Any help would be greatly appreciated, Thank you!
Sign in
to post a comment5 Comments(s) ↴
0
@NogDogDec 20.2009 — #There is really no reason for two arrays since you already have the user names in the $passwords array:[code=php]
if ( !empty($user_name)
AND !empty($password)
AND $password==$password_one
AND isset($passwords[$user_name])
AND $password == $passwords[$user_name]
) {
print "You have logged in successfully";
}
[/code](Also: don't quote your variable names when using them as an array index.)
0
@NogDogDec 20.2009 — #This checks the user name, since it is the array key in the $passwords array:[code=php]
AND isset($passwords[$user_name])
[/code]In other words, this already has the user name [b]and[/b] password data in it:
[code=php]
$passwords = array(
'manny' => 'pwd1',
'moe' => 'pwd2',
'jack' => 'pwd3'
);
[/code]So there is really no reason for a second array to duplicate those same user names (it's just one more thing to have to maintain).
0
@NogDogDec 21.2009 — #
...I am using two if statements because I want the user to know if they mess up on the $user_name or the $password...[/QUOTE]
Many would argue that that gives too much information to a potential hacker by telling him that he's correctly guessed the user name, so all he has to work on now is the password.
But then we're probably (hopefully?) not looking at a critical, high security site if we're putting the passwords in plain text in the source code, right? ?