By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
424,967 Members | 1,710 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 424,967 IT Pros & Developers. It's quick & easy.

login script with two levels of access

P: n/a
Can anyone help with this code please! I am a novice and need help.

I have two hard coded user ids and passwords with an additional field
called level. for the sake of
this explanation lets call them.
user_id - abc password - 123 level - 1
user-id - xyz password - 456 level - 2

I have two separate admin pages called list_pages.php and
list_pages1.php

I need a login to allow people that sign in with login "abc" to be
able to access "list_pages.php" and people that login in with "xyz"
to be able to access "list_pages1.php"

can anyone help, Please. I am desperate

God bless
jason

May 31 '07 #1
Share this Question
Share on Google+
4 Replies


P: n/a
Well...

Try this...

It's a little rough but you should get the basic idea.
-------------
<?php
$user1 = "abc";
$user2 = "xyz";
$pass1 = "123";
$pass2 = "456";

$action = (isset($_POST["submit"])) ? $_POST["submit"] :NULL;

if($action == "submit") {
$showForm = false;
$user = $_POST["username"];
$pass = $_POST["password"];
if($user == $user1 && $pass == $pass1) {
/* Include your files here for user1. */
}elseif($user == $user2 && $pass == $pass2) {
/* Include your files here for user2. */
}else{
/* Do error stuff here. */
$showForm = true;
}
}
?>
<?php if($showForm == true) {
<form method="post" action="index.php">
<label for="username">Username:</label>
<input id="username" name="username" type="text" value="" />
<label for="password">Password:</label>
<input id="password" name="password" type="password" value="" />
<input type="submit" name="submit" id="submit" value="Submit" />
</form>
<?php } ?>

May 31 '07 #2

P: n/a
On May 31, 9:31 am, SterLo <sterling.hamil...@gmail.comwrote:
Well...

Try this...

It's a little rough but you should get the basic idea.
-------------
<?php
$user1 = "abc";
$user2 = "xyz";
$pass1 = "123";
$pass2 = "456";

$action = (isset($_POST["submit"])) ? $_POST["submit"] :NULL;

if($action == "submit") {
$showForm = false;
$user = $_POST["username"];
$pass = $_POST["password"];
if($user == $user1 && $pass == $pass1) {
/* Include your files here for user1. */
}elseif($user == $user2 && $pass == $pass2) {
/* Include your files here for user2. */
}else{
/* Do error stuff here. */
$showForm = true;
}
}
?>
<?php if($showForm == true) {
<form method="post" action="index.php">
<label for="username">Username:</label>
<input id="username" name="username" type="text" value="" />
<label for="password">Password:</label>
<input id="password" name="password" type="password" value="" />
<input type="submit" name="submit" id="submit" value="Submit" />
</form>
<?php } ?>
Will this not show the user names and passwords in the source code
allowing anyone to pull up the code and get the passwords?

God bless
jason

May 31 '07 #3

P: n/a
jsd219 wrote:
On May 31, 9:31 am, SterLo <sterling.hamil...@gmail.comwrote:
>Well...

Try this...

It's a little rough but you should get the basic idea.
-------------
<?php
$user1 = "abc";
$user2 = "xyz";
$pass1 = "123";
$pass2 = "456";

$action = (isset($_POST["submit"])) ? $_POST["submit"] :NULL;

if($action == "submit") {
$showForm = false;
$user = $_POST["username"];
$pass = $_POST["password"];
if($user == $user1 && $pass == $pass1) {
/* Include your files here for user1. */
}elseif($user == $user2 && $pass == $pass2) {
/* Include your files here for user2. */
}else{
/* Do error stuff here. */
$showForm = true;
}
}
?>
<?php if($showForm == true) {
<form method="post" action="index.php">
<label for="username">Username:</label>
<input id="username" name="username" type="text" value="" />
<label for="password">Password:</label>
<input id="password" name="password" type="password" value="" />
<input type="submit" name="submit" id="submit" value="Submit" />
</form>
<?php } ?>

Will this not show the user names and passwords in the source code
allowing anyone to pull up the code and get the passwords?

God bless
jason
Jason,

It could - if they could display the code. A properly configured
webserver will parse the code and only send the results to the browser,
not the code.

But your concern is well founded. I normally put user id's and
passwords in an include file outside the document root.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
May 31 '07 #4

P: n/a
C.
On 31 May, 19:58, Jerry Stuckle <jstuck...@attglobal.netwrote:
>
It could - if they could display the code. A properly configured
webserver will parse the code and only send the results to the browser,
not the code.

But your concern is well founded. I normally put user id's and
passwords in an include file outside the document root.
See also the recent thread 'how to not write password in code for
using to mysql?'

(also at http://groups.google.co.uk/group/com...df0802/?hl=en#)

C.

May 31 '07 #5

This discussion thread is closed

Replies have been disabled for this discussion.