PHP Flat-file Beginner Log-in Script

G4mm4R4y

4.83/5 (5 votes)

3 Dec 2013CPOL2 min read

44.6K

Make a text file log in system for beginners.

The Article

New to web development? Asking how to allow people to log in? Wanting it easy and as little languages and resources as possible? Well this log in system is used on more than one of my sites and works well. It uses no database and is great for beginners. You will need a basic understanding of HTML and PHP. I hope you learn something! (With a basic knowledge of PHP, this includes how to make a webserver.)

The Point

The idea is to create a log in system that does the trick, it restricts access to pages or shows a different message.

The Code

So let's start with the sign up page. I'm making a basic-minimal HTML web page. You can make the page look like anything you like!

Let's start with a sign up webpage:

PHP

<html>
<head><title>Simple Sign Up</title></head>
<body>
<form action="cuser.php" method="post">
Username: <input type="text" name="uname"><br>
Password: <input type="password" name="pass"><br>
<input type="submit" value="Submit Account">
</body>
</html>

Nothing special, just a form here.

Now create the cuser.php.

PHP

<html>
<body>
<?php 

if(!isset($_POST['uname']) || !isset($_POST['pass'])){  //Redirect somewhere } 

$ourFileName = $_POST['uname'] ."_pass.txt";

$ourFileHandle = fopen($ourFileName, 'w') or die("can't open file");

fclose($ourFileHandle); $fopen = fopen($ourFileName, 'a');

fwrite($fopen, $_POST['pass']);

fclose($fopen);

?>

What's happening is we put together the user name and _pass.txt to make the file that contains the password, and it also stores the password inside.

Now about logging in?

Well I suspect you understand HTML so create a page with a form with the action as login.php or something and method as post. Also the variables/inputs should be pass and user. Putting it as get will let the user log in from the URL bar.

So here is our login script:

PHP

<?php session_start(); ?>
<html>
<body>
<?php
if(!isset($_POST['uname']) || !isset($_POST['pass'])){
  //Redirect somewhere 
} 

$myfile = $_POST['uname'] ."_pass.txt"; 
$username = $_POST['uname']; 
$postpass = $_POST['pass']; //Above just helps tidy up 
$exists = file_exists($myfile); 
if($exists){ $file = $myfile; 
$fh = fopen($file, 'r'); 
$pass = fread($fh, filesize($file)); 
fclose($fh); //Above checks if exists and sets pass as the real password 
} 
if(($exists) and ($pass == $postpass)){ 
//Above checks if the real pass is equal to the entered pass 
$_SESSION['user'] = $username; 
$_SESSION['logged'] = "yes"; 
//Above sets the session which is used to do stuff with the profiles (up next) 
echo "Login Succesfull."; 
}else{ 
print "Username or password was incorrect."; 
} 
?> 
</body> 
</html>

The comments should help up there.

So you want to restrict access to a page if they aren't logged in? Well okay but only if you keep reading.

Here is some code with comments to help you restrict or do something if the user is or isn't logged in.

PHP

 <?php session_start();
//This allows use of session variables
?>
<html>
<head>
<?php
    if((isset($_SESSION['logged']))
        and
    ($_SESSION['logged'] == "yes")){
        // DO NOTHING
        }else{
        //Below alerts the user if they aren't logged in. It also makes the window go back.
    echo <<<EOF
    <script>
    alert("Sorry you must be logged in to view this.");
    window.history.back();
    </script>
EOF;
    }
?>
</head>
<body>
Stuff only users can see
</body>
</html>

That's all your login system should work!

The Topics to Discuss

Did you learn how to create a login system? Was this helpful? Have you made any new sites like this? If so, please tell us!

The History

V2 of article - Added recommendation to use isset() to make sure form data was sent
V3 of article - Minor fix of code
V4 of article - Minor fix of above minor fix (Haha)

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)