07-27-2008, 06:48 PM
|
#2 (permalink)
|
|
The Acquainted
Join Date: May 2008
Location: Québec
Posts: 104
Thanks: 10
|
Solved
PHP Code:
<?php
//sessions must be initialized prior to any output if output buffering if off
session_start();
//the list of files containing passwords
$files = array(
"file1.txt",
"file2.txt",
"file3.txt"
);
//if list of users not set create a new array
if(!isset($_SESSION['users']))
$_SESSION['users'] = array();
if(isset($_POST['username']) && isset($_POST['password'])){
//need to remove slashes from POST if magic_quotes are on
if(get_magic_quotes_gpc()){
$_POST['username'] = stripslashes($_POST['username']);
$_POST['password'] = stripslashes($_POST['password']);
}
$userFound = false; //we need this to exit the loops
foreach($files as $file){ //loop every file in the $files array
if($fh = fopen($file, "r")){
while(!feof($fh) && !$userFound){ //while not the end of the current file or the user was not found
list($username, $password, $url) = explode(",", fgets($fh,1024));
if(($username == $_POST['username']) && ($password = $_POST['password'])){
$_SESSION['username'] = $username;
$_SESSION['present'] = true;
array_push($_SESSION['users'], $username); //add the current user to the list of users
header("Location: ".$url);
$userFound = true; //confirm that the user was found
}
}
fclose($fh);
//we need to use break to exit the foreach loop if the user is found in one of the files
if($userFound)
break;
} else
echo "Unable to open a required password file: $file";
}
if(!$userFound)
login('Wrong username or password.<br />');
} else {
login();
}
?>
<?php
function login($response='Admin login') {
?>
<p><?=$response?></p>
<form action="" method="post">
<b>User name</b>
<input name="username" type="text" />
<b>Code</b>
<input name="password" type="password">
<input type="submit" value="Login" />
</form>
<?php } ?>
__________________
That's why we are not alone on earth... let's build !
|
|
|
|