I am looking for help with session handling.
I have modified Joe Jarosciak`s password script slightly, so that instead of
logging in to d/l files, you login to one or two secure area`s. (depending
on the access level of password used)
How and where can i modify this more, so that a session will be created, and
the logged-in users data will be passed over to the two secure area`s??
e.g. pass the login information to the two secure area pages, so they can
evaluate if the user is allowed to view them or not!
Heres the sript so far:
<------------------- index.php------------------->
<html>
<head>
</head>
<body bgcolor="#FFFFFF">
<table border="1" width="100%" bgcolor="#000000" bordercolor="#000000"
cellspacing="0">
<tr>
<td width="100%">
<p align="center"><b><font size="4" color="#FFFFFF">Authorized Access
Only</font></b></td>
<form method="POST" action="secure.php">
<center>
</tr>
</table>
<address align="center"> </address>
<address align="center"> </address>
<address align="center"><b>Name:</b></address>
<address align="center"> <input type="text" name="PHP_AUTH_USER"
size="20" value=""></address>
<address align="center"> </address>
<address align="center"><b>Password:</b></address>
<address align="center"><input type="password" name="PHP_AUTH_PW"
size="20" value=""></address>
<p align="center"><input type="submit" value="Login" name="B1"> <input
type="reset" value="Reset"> </p>
</form>
</body>
</html>
<--------------------end index.php------------------->
<---------------------secure.php--------------------->
<?php
$auth = false;
if (isset( $PHP_AUTH_USER ) && isset($PHP_AUTH_PW)) {
$filename = ("D:\Inetpub\wwwroot\password\vault\passwords.txt");
$fp = fopen( $filename, 'r' );
$file_contents = fread( $fp, filesize( $filename ) );
fclose( $fp );
$lines = explode ( "\n", $file_contents );
foreach ( $lines as $line ) {
list($username,$password,$tc,$fc) = explode(':', $line );
// echo '<br>';
// echo $username;
// echo ' : ';
// echo $password;
// echo '<br>';
if (( $username == "$PHP_AUTH_USER" ) && ( $password ==
"$PHP_AUTH_PW" )) {
$auth = true;
break;
}
}
}
// ==================Header + IP Checking======================
$updated_from=getenv("REMOTE_ADDR");
print ('
<div align="center">
<center><table border="1" cellpadding="0" cellspacing="0" width="667"
bgcolor="#000000" bordercolor="#000000"><tr>
<td width="100%">
<p align="center"><font color="#FFFFFF" size="0"> Connected from (IP): ');
print '<font color="#FFFF00">';
print $updated_from;
print '</font></font><font color="#FFFF00" size="0"> </font><font
color="#FFFFFF"><font size="0"> |
<font size="1"> Your username - </font>';
print '<font color="#FFFF00">';
print $PHP_AUTH_USER;
print '</font></font></font><font color="#0000FF"
size="0"> </font><font color="#FFFF00" size="0">
</font></p></td></tr></table></center><br></div>';
// ==================end - Header + IP Checking======================
// ==================on support or not=======================
if (! $auth)
{
echo '<br> You used username: ';
echo $PHP_AUTH_USER;
echo '<br> You used password: ';
echo $PHP_AUTH_PW;
echo '<br>';
echo '<br><center>';
echo '<br>';
echo '<p><font color="#000000"><b>Sorry, but this is wrong.
Authorization with right username and password is Required!</b></font></p>';
exit;
}
if (($auth) and ($tc == '1'))
{
print '<b><font color="#000000" size="1">- You are authorized for access
area 1.</font></b><br>' ;
}
if (($auth) and ($fc == '1'))
{
print '<b><font color="#000000" size="1">- You are authorized for access
area 2.</font></b><br>' ;
}
if (($auth) and ($tc == '0'))
{
print '<b><font color="#FF0000" size="1">- You are not authorized for
access area 1.</font></b><br>' ;
}
if (($auth) and ($fc == '0'))
{
print '<b><font color="#FF0000" size="1">- You are not authorized for
access area 2.</font></b><br>' ;
}
// ==================end -- on support or not=======================
// ==================buttons=======================
if (($auth) and ($tc == '1'))
{
print '<a href="access_area1.htm"><font face="Arial, Helvetica,
sans-serif"><b><font size="4" color="#FFFFFF">Area 1</font></b></font>
</a><br>';
}
if (($auth) and ($fc == '1'))
{
print '<a href="access_area2.htm"><font face="Arial, Helvetica,
sans-serif"><b><font size="4" color="#FFFFFF">Area 2</font></b></font>
</a>';
}
// ==================end buttons=======================
if ($auth)
{
echo '<b><center><font size="1">Thank you. You were authorized with
right username and password!</font></b>';
}
?>
<-------------------end secure.php--------------------->
<-----------------access_area1.htm--------------------->
<html>
<head>
<title>Access Area 1</title>
</head>
<body bgcolor="#FF6600" text="#000000">
<div align="center">
<table width="40%" border="1" cellspacing="0" cellpadding="0"
bgcolor="#FF0000" bordercolor="#000000">
<tr>
<td>
<div align="center"><b><font face="Arial, Helvetica, sans-serif"
size="6">Secure
Area 1</font></b></div>
</td>
</tr>
</table>
</div>
</body>
</html>
<----------------end access_area1.htm------------------>
<html>
<head>
<title>Access Area 2</title>
</head>
<body bgcolor="#FF0000" text="#000000">
<div align="center">
<table width="40%" border="1" cellspacing="0" cellpadding="0"
bgcolor="#FF6600" bordercolor="#000000">
<tr>
<td>
<div align="center"><b><font face="Arial, Helvetica, sans-serif"
size="6">Secure
Area 2</font></b></div>
</td>
</tr>
</table>
</div>
</body>
</html>
<----------------end access_area2.htm------------------>
<----------------passwords.txt------------------------->
joe:19741:1:0:
tony:928gt:1:1:
murray:fsSS92:1:1:
greg:2NNg8ed:1:1:
mitch:dopro:0:0:
nick:cmuk:1:0:
guest:RxegXHNEV9GpM:1:1:
tom:JJft54Dcv:0:1:
<----------------end of passwords.txt------------------>
Thankyou very much for any help!
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
