• 0

PHP: user checking


Question

this is test.php:

<?
if(isset($page)){
	if($page == "1"){
  include('admin.php');
  echo "page 1!<br>\nThis page required the admin pass entered<p>\n<a href=\"javascript:history.go(-1);\">go back</a>";
	}elseif($page == "2"){
  echo "page 2!<p>\n<a href=\"javascript:history.go(-1);\">go back</a>";
	}
}else{
	include('admin.php');
	echo "Just a test document for the admin script!<br>\n(you can see this if you get the username/password right)<p>\n<a href=\"$PHP_SELF?page=1\">page1</a> | <a href=\"$PHP_SELF?page=2\">page2</a>\n\n";
}
?>

This is admin.php:

<?
$set_username = "test";
$set_password = "test";

if(!isset($username)){ $username = $set_username; }
if(!isset($password)){ $password = $set_password; }

if((isset($user)) && (isset($pass))){
	if(($user != $username) || ($pass != $password)){
  echo "<font size=5>401 - Access Denied</font><p>\n";
  echo "Invalid usename/password combination, please <a href=\"javascript:history.go(-1);\">try again</a>.";
  exit;
	}
}else{
	echo "<p align=center><font size=5><b>Authorisation Required</b></font></p>\n\n";
	echo "<p align=\"center\">\n";
	echo "<form name=\"authentication\" method=\"post\" action=\"$PHP_SELF\">\n";
	echo "<table>\n";
	echo "\t<tr>\n";
	echo "\t\t<td><div align=\"right\">Username:</div></td>\n";
	echo "\t\t<td><div align=\"left\">\n";
	echo "\t\t<input type=\"text\" name=\"user\" value=\"$user\">\n";
	echo "\t\t</div></td>\n";
	echo "\t</tr>\n";
	echo "\t<tr>\n";
	echo "\t\t<td><div align=\"right\">Password:</div></td>\n";
	echo "\t\t<td><div align=\"left\">\n";
	echo "\t\t<input type=\"password\" name=\"pass\" value\"$pass\">\n";
	echo "\t\t</div></td>\n";
	echo "\t</tr>\n";
	echo "\t<tr>\n";
	echo "\t\t<td colspan=\"2\"><div align=\"center\">\n";
	echo "\t\t<input type=\"submit\" name=\"Submit\" value=\"Submit\">\n";
	echo "\t\t</div></td>\n";
	echo "\t</tr>\n";
	echo "</table>\n";
	echo "</form>\n";
	echo "</p>\n\n";
	exit;
}
?>

This works all fine, and the pages with admin.php included need the user & pass entered. But when u go from "test.php?page=" to "test.php?page=1" the password needs to be entered again... i want to know how i can make it so i dont need to enter the password twice.

Will cookies be secure? -could i make an expiring cookie for the user & pass

I dont want to put the user & pass in the URL coz its shared

Link to comment
Share on other sites

1 answer to this question

Recommended Posts

  • 0

cause you dont include the admin pw / that code in that {} bracket?

equally dude, you dont need all those echos, just one to open and pressing enter as opposed to /n does the trick, saves space, and hassle.

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.