Jump to content
php.lv forumi

PHP login sistēma


Elvis L

Recommended Posts

Sveiki, atradu internetā gatavu risinājumu, login sistēma, priekš 1 personas, man vajadzētu viņu nedaudz pielabot, lai manuāli ar roku varētu piereģistrēt vairāk kā vienu personu, vajadzētu apmēram pieciem lietotājiem, tapēc nav vērts vaidot db un reģistrēšanās sistēmu.

 

Login sistēma atpazīst lietotāju pēc

 

// username to login into page
define('LOGIN_USER', "xxx1");
 
// password to login into page
define('LOGIN_PASS', "xxx1");
 
Kas man būtu jādara, lai varētu piereģistrēt vairākus lietotājus, respektīvi, kas līdzīgs šim
 
// username to login into page
define('LOGIN_USER', "xxx1,xxx2");
 
// password to login into page
define('LOGIN_PASS', "xxx1,xxx2");
 
Paldies jau iepriekš, gaidu Jūsu padomus

 

Link to comment
Share on other sites

Grūti spriest bez kōda. Palielam, konstantes varētu nomainīt uz masīviem. Un vietā kur skatās LOGIN_ būtu iterācija caur to masīvu, kur _USER un _PASS vietā skatītos pēc atslēgām no masīva. user => pass

 

Failam, kurš glabā paroles noteikti, ka uzliec attiecīgas atļaujas. Un, ja tik tišām parole ir kā plain teksts, tad nenāktu par ļaunu nomainīt pret kādu algoritmisku outputu. (hah)

Edited by teiks
Link to comment
Share on other sites

define('LOGIN_USER', "user1,user2,user3,user4,user5");
define('LOGIN_PASS', "pass1,pass2,pass3,pass4,pass5");

 

Varētu pārbaudīt kaut kā šādi
$logged = checkLogin('user1','pass1');

 

md5 parolēm noderētu... Bet šāds variants jebkurā gadījumā nav optimālais risinājums!

function checkLogin($name, $pass){
	//explode posible usernames
	$users 		=  explode(',',LOGIN_USER);
	//explode posible passwords
	$passwords 	=  explode(',',LOGIN_PASS);
	// 
	if(count($users) != count(array_unique($users))) die("I am dumb (no unique usernames)");
	if(count($users) != count($passwords)) die('I am dumb (username count differs from passwords)');
	
	// find username key
	$name_key = array_search($name,$users);
	// find password key
	$pass_key = array_search($pass,$passwords);
	
	return ($name_key !== false && $pass_key !== false && $name_key == $pass_key);
	
}
Link to comment
Share on other sites

<?php
# Name: Login.class.php
# Description: simple single user login script
# Author: ricocheting
# Web: http://www.ricocheting.com/code/php
# Update: 2010-06-06
# Version: 2.1
# Copyright 2003 ricocheting.com


/*
This script is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/



// username to login into page
define('LOGIN_USER', "useris");

// password to login into page
define('LOGIN_PASS', "parole");




###################################################################################################
###################################################################################################
###################################################################################################
# CLASS desc: for calling login authentication
# CLASS req: looks for constants LOGIN_USER and LOGIN_PASS
# Can be called:  ?action=clear_login   ?action=prompt
class Login {

	// unique prefix that is used with this object (on cookies and password salt)
	var $prefix = "login_";

	// days "remember me" cookies will remain
	var $cookie_duration = 21;


	// temporary values for comparing login are auto set here. do not set your own $user or $pass here
	var $user = "";
	var $pass = "";


#-#############################################
# desc: calls the rest of the functions depending on login state
# returns: nothing, but will print login prompt and die if necessary
function authorize() {

	//save cookie info to session
	if(isset($_COOKIE[$this->prefix.'user'])){
		$_SESSION[$this->prefix.'user'] = $_COOKIE[$this->prefix.'user'];
		$_SESSION[$this->prefix.'pass'] = $_COOKIE[$this->prefix.'pass'];
	}
	//	else{echo "no cookie<br>";}


	//if setting vars
	if(isset($_POST['action']) && $_POST['action'] == "set_login"){

		$this->user = $_POST['user'];
		$this->pass = md5($this->prefix.$_POST['pass']); //hash password. salt with prefix

		$this->check();//dies if incorrect

		//if "remember me" set cookie
		if(isset($_POST['remember'])){
			setcookie($this->prefix."user", $this->user, time()+($this->cookie_duration*86400));// (d*24h*60m*60s)
			setcookie($this->prefix."pass", $this->pass, time()+($this->cookie_duration*86400));// (d*24h*60m*60s)
		}

		//set session
		$_SESSION[$this->prefix.'user'] = $this->user;
		$_SESSION[$this->prefix.'pass'] = $this->pass;
	}

	//if forced log in
	elseif(isset($_GET['action']) && $_GET['action'] == "prompt"){
		session_unset();
		session_destroy();
		//destroy any existing cookie by setting time in past
		if(!empty($_COOKIE[$this->prefix.'user'])) setcookie($this->prefix."user", "blanked", time()-(3600*25));
		if(!empty($_COOKIE[$this->prefix.'pass'])) setcookie($this->prefix."pass", "blanked", time()-(3600*25));

		$this->prompt();
	}

	//if clearing the login
	elseif(isset($_GET['action']) && $_GET['action'] == "clear_login"){
		session_unset();
		session_destroy();
		//destroy any existing cookie by setting time in past
		if(!empty($_COOKIE[$this->prefix.'user'])) setcookie($this->prefix."user", "blanked", time()-(3600*25));
		if(!empty($_COOKIE[$this->prefix.'pass'])) setcookie($this->prefix."pass", "blanked", time()-(3600*25));

		$msg = '<h2 class="msg">**Jūs veiksmīgi izgājāt no sistēmas**</h2>';
		$this->prompt($msg);
	}

	//prompt for
	elseif(!isset($_SESSION[$this->prefix.'pass']) || !isset($_SESSION[$this->prefix.'user'])){
		$this->prompt();
	}

	//check the pw
	else{
		$this->user = $_SESSION[$this->prefix.'user'];
		$this->pass = $_SESSION[$this->prefix.'pass'];
		$this->check();//dies if incorrect
	}

}#-#authorize()


#-#############################################
# desc: compares the user info
# returns: nothing, but will print login prompt and die if incorrect
function check(){

	if(md5($this->prefix . LOGIN_PASS) != $this->pass || LOGIN_USER != $this->user){
		//destroy any existing cookie by setting time in past
		if(!empty($_COOKIE[$this->prefix.'user'])) setcookie($this->prefix."user", "blanked", time()-(3600*25));
		if(!empty($_COOKIE[$this->prefix.'pass'])) setcookie($this->prefix."pass", "blanked", time()-(3600*25));
		session_unset();
		session_destroy();

		$msg='<h2 class="warn">Nepareizs lietotājs, vai parole</h2>';
		$this->prompt($msg);
	}
}#-#check()


#-#############################################
# desc: prompt to enter password
# param: any custom message to display
# returns: nothing, but exits at end
function prompt($msg=''){
?>
<html><head>
<title>SPX Pieslēģšanās</title>
	<style>
	body{margin:15px;}
	table.login{border-collapse:collapse;}
	table.login td{font:bold 10pt verdana;color:black;border:1px #535353 solid;border-collapse:collapse;padding:2px 3px;text-align:center;background:#eeeeee;}
	table.login td.header{background-color:#cccccc;}
	.msg{font:bold 120% verdana;text-align:center;color:green;}
	.warn{font:bold 120% verdana;text-align:center;color:maroon;}
	</style>
</head><body>
	<form action="<?php echo $_SERVER['SCRIPT_NAME']; ?>" method="post">
	<input type="hidden" name="action" value="set_login">

	<?php echo $msg; ?>

	<table align="center" width="300" class="login">
	<tr><td class="header" colspan="2">Ievadiet pieslēgšanās informāciju</td></tr>
	<tr>
		<td class="desc"><label for="user">Emails:</label> <input type="text" name="user" id="user"></td>
		<td class="desc"><label for="pass">Parole:</label> <input type="password" name="pass" id="pass"></td>
	</tr>

	<tr><td class="desc" colspan="2" style="text-align:left;">
		<input type="checkbox" name="remember" id="remember"> <label for="remember">Atcerēties mani šajā datorā</label>
	</td></tr>

	<tr><td class="desc" colspan="2" style="text-align:right;"><input type="submit" value="Pieslēgties"></td></tr>

	</table>

	</form>
</body></html>
<?php
	//don't run the rest of the page
	exit;
}#-#prompt()


}//CLASS Login

?>

un šādi izsauc

$login = new Login; // create object login
$login->authorize(); // make user login

Šis vispār domāts kā pagaidu variants, tādēļ nebija doma likt ko nopietnāku, jo sākotnēji nebija vispār autorizācijas

Edited by Elvis L
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...