SitePoint Sponsor

User Tag List

Results 1 to 11 of 11
  1. #1
    SitePoint Wizard dragonfly_7456's Avatar
    Join Date
    Dec 2002
    Location
    Moscow, USSR
    Posts
    1,092
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Need help with multiple users in script.

    I have a fairly small shoutbox script that only has one file and one admin account. Originaly, It was a very simple script that I downloaded, and then I modified it. I was wondering how to add more than one admin, keeping the same password for all of them. Here are the parts of the script related to the admin account:
    Code:
    $username = "Dragonfly";
    $password = "123";
    Code:
    if ($name == "name" ) {
    print "<meta http-equiv=\"refresh\" content=\"0; URL=index.php?message=Enter+Name&info2=$info&site2=$site\">";
    } elseif ($name == "" ) {
    print "<meta http-equiv=\"refresh\" content=\"0; URL=index.php?message=Enter+Name&info2=$info&site2=$site\">";
    } elseif (strstr($name, "#" )) {
    $user = explode("#", $name);
    if ($user[0] == "$username" && $user[1] == "$password" ) {
    $newname = "BBCODE";
    print "<meta http-equiv=\"refresh\" content=\"0; URL=sbox.php?act=adda&info=$info&site=$site&name=$newname\">"; 
    } else {
    print "<meta http-equiv=\"refresh\" content=\"0; URL=index.php?message=Wrong User/Pass&name2=$name&site2=$site&info2=$info\">";
    }
    It uses a system where the admin post with an account of Admin#password. You can see it live at www.neofrontier.com/ on the bottom right side

    Well, as you can see, I've already got Dragonfly#123, well, how would I add a second account, so that say Other#123 could also login as admin..??
    Content Writing Service - Get custom SEO articles for 10$

  2. #2
    ********* Member website's Avatar
    Join Date
    Oct 2002
    Location
    Iceland
    Posts
    1,238
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Something like:
    PHP Code:
    //instead of this:
    if ($user[0] == "$username&& $user[1] == "$password) {
    //do something like this:
    if (($user[0] == "$username1&& $user[1] == "$password1") || ($user[0] == "$username2&& $user[1] == "$password2")) { 
    ?
    - website

  3. #3
    Non-Member
    Join Date
    Jan 2003
    Posts
    5,748
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Why not just go the whole hog and re-write a completely new admin script that uses mysql ? Then have a log in box to accept any user... strange

  4. #4
    SitePoint Wizard dragonfly_7456's Avatar
    Join Date
    Dec 2002
    Location
    Moscow, USSR
    Posts
    1,092
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Now i would if I could. I'm trying to work with php with the skillset that I already have...

    Is it possible for it to accept any user as long as the password is correct? That would be better.

    So that admin#password, you#password, and me#password could all use the same pass without having to be included into the actual script.
    Content Writing Service - Get custom SEO articles for 10$

  5. #5
    Non-Member
    Join Date
    Jan 2003
    Posts
    5,748
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Depends on how secure you want things to be ? Why not have the Password scripted into the page, and then read in the available usernames from a file ? This then would give you the usernames within an array and you can use the function in_array(..., ...) to check that the username given is within the array - ie a valid match against the file ? You could also have .htaccess to give at least some security towards your pages as well...

  6. #6
    SitePoint Wizard dragonfly_7456's Avatar
    Join Date
    Dec 2002
    Location
    Moscow, USSR
    Posts
    1,092
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    What would you suggest adding into the .htaccess?

    But really, security is not too important. Not at this phase. Hehe. How would I allow any username with the correct password to log in as admin? All this admin thing is doing is making your name italicized and red, while you cannot normally do that. Lol, it shouldn't be too hard...
    Content Writing Service - Get custom SEO articles for 10$

  7. #7
    SitePoint Wizard dragonfly_7456's Avatar
    Join Date
    Dec 2002
    Location
    Moscow, USSR
    Posts
    1,092
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    About your last suggestion Dr.Livingston. Are you suggesting that I put the usernames of the admin into a txt file, and call them from there, and then have the script verify if the username from the txt file and the given username + the password match and are correct?

    Lol. You do realize that I am a complete php newbie, and can barely edit existing scripts. But if you can help me out, then sure, I'll give it a try. I like the *sound* of the idea.
    Content Writing Service - Get custom SEO articles for 10$

  8. #8
    ********* Member website's Avatar
    Join Date
    Oct 2002
    Location
    Iceland
    Posts
    1,238
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    PHP Code:
    //instead of this:
    if ($user[0] == "$username&& $user[1] == "$password) {
    //do this
    if ($user[1] == "$password) { 
    Then it ignores the user...
    - website

  9. #9
    Non-Member
    Join Date
    Jan 2003
    Posts
    5,748
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I'll see what I can do; first you'd need a script to read in from the text file to an array ?

  10. #10
    ********* Wizard silver trophy Cam's Avatar
    Join Date
    Aug 2002
    Location
    Burpengary, Australia
    Posts
    4,495
    Mentioned
    0 Post(s)
    Tagged
    1 Thread(s)
    How about something like this?
    PHP Code:
    $file file('/path/to/adminlist.txt');
    $user explode('#'$name);

    if ( 
    in_array($user[0], $file) && $user[1] == 'password' ) {
       
    $newname "BBCODE";
       print 
    "<meta http-equiv=\"refresh\" content=\"0; URL=sbox.php?act=adda&info=$info&site=$site&name=$newname\">"
    } else {
       print 
    "<meta http-equiv=\"refresh\" content=\"0; URL=index.php?message=Wrong User/Pass&name2=$name&site2=$site&info2=$info\">";

    The file would look like this
    Code:
    user1
    admin
    steve_perry
    i_am_king_admin_chief

  11. #11
    SitePoint Wizard dragonfly_7456's Avatar
    Join Date
    Dec 2002
    Location
    Moscow, USSR
    Posts
    1,092
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Yup, thats almost it, but it doesn't get the usernames from the txt file for some reason. For any and every name#password that I use that is in the adminlist.txt it gives me "Wrong user/pass"

    Well, since the pass is obviously correct, then that means its the username part that isn't working...
    Content Writing Service - Get custom SEO articles for 10$


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •