Differences

This shows you the differences between two versions of the page.

Link to this comparison view

computers:session_to_store_login_information [2015/03/24 05:42] (current)
Line 1: Line 1:
 +====== Session to store login information ======
 +Storing login info in session. ​ Intentionally used this function auth() to authenticate users from a login form and keep their information within the session, while passing the SID by GET or an other method. ​ At least an introduction to sessions. :-b
  
 +====== Code 1 ======
 +Reference: [[http://​www.zend.com/​code/​codex.php?​id=241&​single=1]]
 +
 +==== Usage Example ====
 +See [[http://​www.circle.ch/​scripts/​test/​session/​ | Example]]
 +
 +<code php> ​
 +See Server Side Code
 +
 +</​code>​
 +
 +==== Server Side Code  ====
 +
 +<code php>
 +<?php
 +// ----------------------------------------------------------------------------------------
 +// topic: ​    Track login vars through a session
 +// author: ​   Copyright (c) by Urs Gehrig <​admin@circle.ch>​
 +// version: ​  1.0.0
 +// update: ​   26-7-2000
 +// PHP:       ​php-4.0.0-win32
 +//
 +// handling: ​ use this function to ask for a login for first time visitors and track their
 +//            login/​password information in a session on your server. i made this routine
 +//            to workaround cookies. you may need it, if clients do not accept cookies to
 +//            be set on their system. at the end of your application,​ you should destroy
 +//            the session to minimize disk use.
 +//
 +// Passwords: your_passwords.txt
 +//            your_login,​your_password
 +//            my_login,​my_password
 +//
 +// Browser: ​  It has been tested it worked with IE5
 +//
 +// Enjoy! It took me a day. :-b
 +// ----------------------------------------------------------------------------------------
 +
 +
 +// ----------------------------------------------------------------------------------------
 +// functions
 +// ----------------------------------------------------------------------------------------
 +
 +
 +      function auth(){
 +          global $PHP_SELF, $sent, $mysession, $login, $passwd;
 +
 +          if(isset($sent)): ​                              // from login form
 +            $login_ok = 0;
 +            if (isset($login) and isset($passwd)):​
 +              $fp = fopen("​your_passwords.txt",​ "​r"​);​
 +
 +              while (feof($fp) == 0):
 +                $line = chop(fgets($fp,​1000));​
 +                $arr = explode(",",​ $line);
 +                if (($arr[0] == $login) and ($arr[1] == $passwd)):
 +                  session_start();​
 +                  $mysession = array ("​login"​ => $login, "​passwd"​ => $passwd, "​ID"​ => session_id(),​ "​valid"​ => 1);
 +                  session_register("​mysession"​);​
 +                  return 1;                               // authentication succeeded
 +                  $login_ok = 1;
 +                  break;
 +                endif;
 +              endwhile;
 +            endif;
 +            if(!$login_ok):​
 +              return 0;                                   //​access denied
 +            endif;
 +
 +          else:
 +            $login_ok = 0;
 +            session_start();​
 +            foreach($GLOBALS["​mysession"​] as $elem):
 +              $ses_tmp[] = $elem;
 +            endforeach;
 +
 +            $fp = fopen("​your_passwords.txt",​ "​r"​);​
 +
 +            while (feof($fp) == 0):
 +              $line = chop(fgets($fp,​1000));​
 +              $arr = explode(",",​ $line);
 +              if (($arr[0] == $ses_tmp[0]) AND ($arr[1] == $ses_tmp[1])):​
 +                session_start();​
 +                $mysession = array ("​login"​ => $login, "​passwd"​ => $passwd, "​ID"​ => session_id(),​ "​valid"​ => 1);
 +                session_register("​mysession"​);​
 +                return 1;                                 // authentication succeeded
 +                $login_ok = 1;
 +                break;
 +              endif;
 +            endwhile;
 +            if(!$login_ok):​
 +              return 0;                                   // access denied
 +            endif;
 +          endif;
 +      }
 +
 +      function LoginForm(){
 +            global $PHP_SELF;
 +
 +            $header = '<​!DOCTYPE HTML PUBLIC "​-//​W3C//​DTD HTML 4.0 Transitional//​EN"><​HTML><​HEAD><​TITLE>​login form</​TITLE></​HEAD><​BODY>';​
 +            $footer = '</​BODY></​HTML>';​
 +
 +            echo $header;
 +
 +            ?>
 +            <form method="​post"​ action="<?​php echo basename($PHP_SELF);​ ?>" name=loginform>​
 +            <table frame=void rules=none WIDTH="​300">​
 +
 +            <tr>
 +              <td align="​left">​
 +              login:
 +              <td align="​left">​
 +              <input type="​text"​ name="​login"​ maxlength=50 size=15 style="​width:​ 120px; font-size: 12px">​
 +            <tr>
 +              <td align="​left">​
 +              password:
 +              <td align="​left">​
 +              <input type="​password"​ name="​passwd"​ maxlength=50 size=15 style="​width:​ 120px; font-size: 12px">​
 +            <tr>
 +              <td align="​left">&​nbsp;​
 +              <td align="​left">&​nbsp;​
 +            <tr>
 +              <td align="​left">​
 +              &nbsp;
 +              <td align="​left">​
 +              <input type=submit value="​login"​ name="​sent"​ style="​width:​ 50px; heigth: 18px; font-size: 12px">​
 +            </​table>​
 +            </​form>​
 +
 +            <script type="​text/​javascript">​
 +            <!--
 +            if (document.loginform) {
 +               ​document.loginform.login.focus();​
 +            }
 +            // -->
 +            </​script>​
 +          <?php
 +
 +          echo $footer;
 +      }
 +
 +// ----------------------------------------------------------------------------------------
 +// main
 +// ----------------------------------------------------------------------------------------
 +
 +      //init vars;
 +      $mysession = array ("​login"​=>​FALSE,​ "​passwd"​=>​FALSE,​ "​ID"​=>​FALSE,​ "​valid"​=>​FALSE);​
 +      $uri = basename($PHP_SELF);​
 +      $stamp = md5(srand(5));​
 +
 +
 +      if(!auth()): ​                // authentication failed
 +        LoginForm(); ​              // display login form
 +
 +      else:                        // authentication was successful
 +        if (isset($sent)):​
 +          $tmp = session_id();​
 +          echo "​logged in from <​b>​login form</​b><​br><​br>";​
 +          echo "Your login name: <​b>"​.$mysession["​login"​]."</​b><​br>";​
 +          echo "Your password: ​  <​b>"​.$mysession["​passwd"​]."</​b><​br>";​
 +          echo "<​br><​br><​br><​a href='​$uri?​SID=$tmp'>​load</​a>";​
 +        else:
 +          $tmp = session_id();​
 +          echo "​logged in from <​b>​session:</​b>​ $tmp<​br>";​
 +          echo "​changing <​b>​stamp:</​b>​ $stamp<​br><​br>";​
 +          echo "Your login name: <​b>"​.$mysession["​login"​]."</​b><​br>";​
 +          echo "Your password: ​  <​b>"​.$mysession["​passwd"​]."</​b><​br>";​
 +          echo "<​br><​br><​br><​a href='​$uri?​SID=$tmp&​stamp=$stamp'>​load</​a>";​
 +        endif;
 +      endif;
 +
 +?>
 +
 +
 +</​code>​
 +
 +
 +====== Candidate Code Suggestions ======
 +Add your suggestions and links here.