I am using a simple 'Password Protection' code right now on my website for users to access some low-risk files.
I realize this code is very weak in terms of actual protection. But I'm not worried about that at the moment.
The code currently works fine if I set a static password for the users.
In this example version, I have set the password to 'TheMagicWord, and the file to be opened as 'landingPage.php'.
I am going to be developing this code a little a time to achieve my custom needs. But right now, I am stuck on a particular aspect.
What I would like to do for now, is add a 'userName' input field to the form as well.
Then... instead of the '$password' being set to a static a password, have it be a 'run-together combination' the data which the user enters into both the 'userName' field and the 'userPassword' field, and preferably seperated by a ' ' character.
For example: If the user enters 'John' into the userName field, and 'Wonderful1' into the userPassword field, then the result should be $password = 'John Wonderful1.
I realize that achieving this would totally eliminate any 'protection' at all, as the user could basically enter anything at all into each field and gain access to the file. But again, I'm not worried about that at this time.
Adding security and validation to this will come later. Right now, I am just trying to get over this particular hump which seems to elude me.
I have tried a few php 'echo' and 'print' codes, using the input names, but either that won't work, or I am doing it wrong.
So instead of posting failed garbage code in my question, I decided to clean it up to the working version.
FORM
<pre><!DOCTYPE html>
<html>
<head>
<script>
<?php
$password = 'TheMagicWord';
$redirect_after_login = 'landingPage.php';
if (isset($_POST['userPassword']) && $_POST['userPassword'] == $password) {
header ('Location: ' . $redirect_after_login);
exit;
}
?>
</script>
</head>
<body>
<div style="text-align:center;margin-top:50px;">
You must enter the password to view this content.<br><br>
<form method="POST">
<input type="text" name="userPassword" placeholder="Password">
</form>
</div>
</body>
</html>
</pre>
CodePudding user response:
Based on your requirements - you could do something like
<?php
$correct_password = 'TheMagicWord';
$redirect_after_login = 'landingPage.php';
if (isset($_POST['username']) && isset($_POST['userPassword'])) {
$username = $_POST['username'];
$password = $_POST['userPassword'];
$combined = $username . ' ' . $password;
//do what you want with combined name
if ($password == $correct_password) {
header('Location: ' . $redirect_after_login);
exit;
} else {
$error_message = 'Incorrect username or password';
}
}
?>
<div style="text-align:center;margin-top:50px;">
You must enter the password to view this content.<br><br>
<?php if (isset($error_message)) { echo $error_message; } ?><br><br>
<form method="POST">
<input type="text" name="username" placeholder="Username">
<input type="text" name="userPassword" placeholder="Password">
</form>
</div>