|
|
Posted by Jerry Stuckle on 05/31/07 18:58
jsd219 wrote:
> On May 31, 9:31 am, SterLo <sterling.hamil...@gmail.com> wrote:
>> Well...
>>
>> Try this...
>>
>> It's a little rough but you should get the basic idea.
>> -------------
>> <?php
>> $user1 = "abc";
>> $user2 = "xyz";
>> $pass1 = "123";
>> $pass2 = "456";
>>
>> $action = (isset($_POST["submit"])) ? $_POST["submit"] :NULL;
>>
>> if($action == "submit") {
>> $showForm = false;
>> $user = $_POST["username"];
>> $pass = $_POST["password"];
>> if($user == $user1 && $pass == $pass1) {
>> /* Include your files here for user1. */
>> }elseif($user == $user2 && $pass == $pass2) {
>> /* Include your files here for user2. */
>> }else{
>> /* Do error stuff here. */
>> $showForm = true;
>> }
>> }
>> ?>
>> <?php if($showForm == true) {
>> <form method="post" action="index.php">
>> <label for="username">Username:</label>
>> <input id="username" name="username" type="text" value="" />
>> <label for="password">Password:</label>
>> <input id="password" name="password" type="password" value="" />
>> <input type="submit" name="submit" id="submit" value="Submit" />
>> </form>
>> <?php } ?>
>
> Will this not show the user names and passwords in the source code
> allowing anyone to pull up the code and get the passwords?
>
> God bless
> jason
>
Jason,
It could - if they could display the code. A properly configured
webserver will parse the code and only send the results to the browser,
not the code.
But your concern is well founded. I normally put user id's and
passwords in an include file outside the document root.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
Navigation:
[Reply to this message]
|