simple php cookie login and page protection

A

Anonymous

Guest
:D Hello every one.

I am learning php at the moment and I am trying to figure out a simple login that protects various pages with cookies by adding a check if cookie set or not on top of the pages to protect.

I tried to figure out but it does not work as I do not understand well the way the cookie has to be set.
What comes first
checking cookie for info?
entering the user and pass first? then check cookie,...

If someone could explain this it would be great.

Anyhow here is my noobish code.

Hope someone can write it the way to work(i know youre not the one that should write it) its true. I just wanna learn out of it.

Here comes the code

Code: 
<?
	include("info.inc");

if (isset($usuario) && ($codigo)) {
	setcookie("usuario",$user);
	setcookie("codigo",$code);
	}else{
?>

<form method="POST" action="<? echo $PHP_SELF ?>">
<p align="center"> </p>
<p align="center"> </p>
<p align="center"><font face="Verdana" size="2"><u>Usuario:</u></font><input type="text" name="usuario" size="20"></p>
<p align="center"><u>Código: </u><input type="text" name="codigo" size="20"></p>
</form>

<p align="center"><input type="submit" value="Comprobar" name="B1">

<?
}
?>

By the way,...i got the variables $user and $pass in the inc file
<?
$usuario ="test";
$codigo = "test";
?>
The only thing i get here is a white page.(suppose cookie has been set somehow)

Thanks in advance for any help you can give me.

Best regards,
Sky[/code]
 
The problem is that you are checking whether the variables exist, instead of comparing the user entered ones with the ones in your included file.

include file :

Code: 
$user = "test";
$pass = "test";

other page :

Code: 
require("includefile.php");

if ($submit) {

if (($usuario == $user) && ($codigo == $pass)) {

// set the cookies
echo "cookies have been set";

} else {

echo "the username did not match";

} } else {

// print the form
?>

<form method="POST" action="<? echo $PHP_SELF ?>"> 
<p align="center"> </p> 
<p align="center"> </p> 
<p align="center"><font face="Verdana" size="2"><u>Usuario:</u></font><input type="text" name="usuario" size="20"></p> 
<p align="center"><u>Código: </u><input type="text" name="codigo" size="20"></p> 
</form> 
<p align="center"><input type="submit" name="submit" value="Comprobar"> 

<?PHP }

this should work, but it isn't a very secure method of authentication.

check the manual, it will show you how to set cookies

hope that helps!
 
Hello and thanks for your reply.

When you say set cookies is this the part i did on my code?
And why you say its not very secure?
How can I improve security on it?

Sky
 
You must log in or register to reply here.
Back
Top