Posted by J. Frank Parnell on 08/17/07 17:50

On Fri, 17 Aug 2007 12:27:03 GMT, "Serious_Practitioner"
<Serious_PractitionerNOSPAM@att.net> wrote:

>(Also posted to alt.php on 16 Aug 07)
>
>Good day -
>
>I am looking for a log-in script


script you want to protect:
if ($_GET['user']){
include 'loginscript.php';
securityCheck($_GET['user']);
}


loginscript.php:
<?php

function securityCheck($user){

$nodirectaccess = 1;
include 'config/passwords.php';
//passwords.php:
//if ($nodirectaccess != 1){die();}
//$admin = 'bob';
//$passwords[$admin] = 'secretpassword';
//$passwords[USER] = 'PASS';
//$passwords['user1'] = 'test1';

$userpassword = $passwords[$user];


if ( (!isset($_POST["user"])) OR (!isset($_POST["userpassword"]))){$tests
='nottaken';}

if (($_POST["user"] == $user) AND ($_POST["userpassword"] == $userpassword))
{ setcookie("password", $userpassword, time()+60*60*24*2999,
"/");//--sec*min*hour*days
$tests ='good';}

if (($_COOKIE["password"] == $userpassword)AND(isset($_COOKIE["password"]))){
$tests='good';}
// or admin
if (($_POST["user"] == $admin) AND ($_POST["userpassword"] ==
$passwords[$admin]))
{ setcookie("password", $passwords[$admin], time()+60*60*24*2999,
"/");//--sec*min*hour*days
$tests ='good';}

if (($_COOKIE["password"] ==
$passwords[$admin])AND(isset($_COOKIE["password"]))){
$tests='good';}
// end or admin




if ($tests !='good'){
echo '<br /><br /><br />';

if ($tests !='nottaken'){echo "Sorry, you've entered the wrong info. ";}
echo '
<form action="'.$_SERVER['REQUEST_URI'].'" method="post"
name="the_form">
user name: <input type="text" name="user" size="8"
id="name"><br><br>
password: <input name="userpassword" type="text"
size="8">
<br>then <input name="submit" type="submit" value="click
here" >
</form><br>
<br>
If you have cookies enabled in your browser, you will
not have to login unless you delete your cookies.
<br /><br /><br /></div>

<script language="JavaScript"><!--
document.getElementById(\'name\').focus();
//--></script>
';
die;
}
}// end func securityCheck()

?>

• Next in forum: cron or command line: run a very long php script
• Prev in forum: Re: ereg_replace hangs script execution
• Thread view: Re: Looking for a login script

[Reply to this message]