Session to store login information

Storing login info in session. Intentionally used this function auth() to authenticate users from a login form and keep their information within the session, while passing the SID by GET or an other method. At least an introduction to sessions. :-b

Code 1

Usage Example

See Example

See Server Side Code

Server Side Code

<?php
// ----------------------------------------------------------------------------------------
// topic:     Track login vars through a session
// author:    Copyright (c) by Urs Gehrig <admin@circle.ch>
// version:   1.0.0
// update:    26-7-2000
// PHP:       php-4.0.0-win32
//
// handling:  use this function to ask for a login for first time visitors and track their
//            login/password information in a session on your server. i made this routine
//            to workaround cookies. you may need it, if clients do not accept cookies to
//            be set on their system. at the end of your application, you should destroy
//            the session to minimize disk use.
//
// Passwords: your_passwords.txt
//            your_login,your_password
//            my_login,my_password
//
// Browser:   It has been tested it worked with IE5
//
// Enjoy! It took me a day. :-b
// ----------------------------------------------------------------------------------------
 
 
// ----------------------------------------------------------------------------------------
// functions
// ----------------------------------------------------------------------------------------
 
 
      function auth(){
          global $PHP_SELF, $sent, $mysession, $login, $passwd;
 
          if(isset($sent)):                               // from login form
            $login_ok = 0;
            if (isset($login) and isset($passwd)):
              $fp = fopen("your_passwords.txt", "r");
 
              while (feof($fp) == 0):
                $line = chop(fgets($fp,1000));
                $arr = explode(",", $line);
                if (($arr[0] == $login) and ($arr[1] == $passwd)):
                  session_start();
                  $mysession = array ("login" => $login, "passwd" => $passwd, "ID" => session_id(), "valid" => 1);
                  session_register("mysession");
                  return 1;                               // authentication succeeded
                  $login_ok = 1;
                  break;
                endif;
              endwhile;
            endif;
            if(!$login_ok):
              return 0;                                   //access denied
            endif;
 
          else:
            $login_ok = 0;
            session_start();
            foreach($GLOBALS["mysession"] as $elem):
              $ses_tmp[] = $elem;
            endforeach;
 
            $fp = fopen("your_passwords.txt", "r");
 
            while (feof($fp) == 0):
              $line = chop(fgets($fp,1000));
              $arr = explode(",", $line);
              if (($arr[0] == $ses_tmp[0]) AND ($arr[1] == $ses_tmp[1])):
                session_start();
                $mysession = array ("login" => $login, "passwd" => $passwd, "ID" => session_id(), "valid" => 1);
                session_register("mysession");
                return 1;                                 // authentication succeeded
                $login_ok = 1;
                break;
              endif;
            endwhile;
            if(!$login_ok):
              return 0;                                   // access denied
            endif;
          endif;
      }
 
      function LoginForm(){
            global $PHP_SELF;
 
            $header = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML><HEAD><TITLE>login form</TITLE></HEAD><BODY>';
            $footer = '</BODY></HTML>';
 
            echo $header;
 
            ?>
            <form method="post" action="<?php echo basename($PHP_SELF); ?>" name=loginform>
            <table frame=void rules=none WIDTH="300">
 
            <tr>
              <td align="left">
              login:
              <td align="left">
              <input type="text" name="login" maxlength=50 size=15 style="width: 120px; font-size: 12px">
            <tr>
              <td align="left">
              password:
              <td align="left">
              <input type="password" name="passwd" maxlength=50 size=15 style="width: 120px; font-size: 12px">
            <tr>
              <td align="left">&nbsp;
              <td align="left">&nbsp;
            <tr>
              <td align="left">
              &nbsp;
              <td align="left">
              <input type=submit value="login" name="sent" style="width: 50px; heigth: 18px; font-size: 12px">
            </table>
            </form>
 
            <script type="text/javascript">
            <!--
            if (document.loginform) {
               document.loginform.login.focus();
            }
            // -->
            </script>
          <?php
 
          echo $footer;
      }
 
// ----------------------------------------------------------------------------------------
// main
// ----------------------------------------------------------------------------------------
 
      //init vars;
      $mysession = array ("login"=>FALSE, "passwd"=>FALSE, "ID"=>FALSE, "valid"=>FALSE);
      $uri = basename($PHP_SELF);
      $stamp = md5(srand(5));
 
 
      if(!auth()):                 // authentication failed
        LoginForm();               // display login form
 
      else:                        // authentication was successful
        if (isset($sent)):
          $tmp = session_id();
          echo "logged in from <b>login form</b><br><br>";
          echo "Your login name: <b>".$mysession["login"]."</b><br>";
          echo "Your password:   <b>".$mysession["passwd"]."</b><br>";
          echo "<br><br><br><a href='$uri?SID=$tmp'>load</a>";
        else:
          $tmp = session_id();
          echo "logged in from <b>session:</b> $tmp<br>";
          echo "changing <b>stamp:</b> $stamp<br><br>";
          echo "Your login name: <b>".$mysession["login"]."</b><br>";
          echo "Your password:   <b>".$mysession["passwd"]."</b><br>";
          echo "<br><br><br><a href='$uri?SID=$tmp&stamp=$stamp'>load</a>";
        endif;
      endif;
 
?>

Candidate Code Suggestions

Add your suggestions and links here.