jsd219 wrote:
On May 31, 9:31 am, SterLo <sterling.hamil...@gmail.comwrote:
>Well...
Try this...
It's a little rough but you should get the basic idea.
-------------
<?php
$user1 = "abc";
$user2 = "xyz";
$pass1 = "123";
$pass2 = "456";
$action = (isset($_POST["submit"])) ? $_POST["submit"] :NULL;
if($action == "submit") {
$showForm = false;
$user = $_POST["username"];
$pass = $_POST["password"];
if($user == $user1 && $pass == $pass1) {
/* Include your files here for user1. */
}elseif($user == $user2 && $pass == $pass2) {
/* Include your files here for user2. */
}else{
/* Do error stuff here. */
$showForm = true;
}
}
?>
<?php if($showForm == true) {
<form method="post" action="index.php">
<label for="username">Username:</label>
<input id="username" name="username" type="text" value="" />
<label for="password">Password:</label>
<input id="password" name="password" type="password" value="" />
<input type="submit" name="submit" id="submit" value="Submit" />
</form>
<?php } ?>
Will this not show the user names and passwords in the source code
allowing anyone to pull up the code and get the passwords?
God bless
jason
Jason,
It could - if they could display the code. A properly configured
webserver will parse the code and only send the results to the browser,
not the code.
But your concern is well founded. I normally put user id's and
passwords in an include file outside the document root.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================