Jump to content

Personalized Web Pages for Multiple Users, using PHP and Sessions

angelfish723

By angelfish723
in PHP Coding Help

 Share

Recommended Posts

angelfish723 Newbie

angelfish723

Posted
Posted

I'm am somewhat new to PHP and am trying to set up a website for my cousin's wedding. Her idea is to have the guests sign in with a user/pass that she provides, and once they sign in, they will be taken to a page that has their name on it (i.e. "Mr. and Mrs. So and So, you are invited...). I have come to the conclusion that I will need to make an image for each guest's name (she wants to use a font for their names that nobody will have on their computer) so what I need to know is:

 

How do I link each user name to their own personalized webpage, where the image of their name on the next page will change based on what username is entered? I have been told to use Sessions (which I don't yet have in this code), but I'm clueless as to how to make that work for multiple users. Where do I put the coding, what does the coding look like, etc.

 

Thanks in advance for any help!

 

The php code I have right now is this (i'm sorry it's so long, I just don't want to leave anything out that might be important):

 

$LOGIN_INFORMATION = array(
  'steve' => 'password',
  'rick' => 'password',
  'tom'=> 'password'
);

// request login? true - show login and password boxes, false - password box only
define('USE_USERNAME', true);

// User will be redirected to this page after logout
define('LOGOUT_URL', 'http://www.example.com/');

// time out after NN minutes of inactivity. Set to 0 to not timeout
define('TIMEOUT_MINUTES', 0);

// This parameter is only useful when TIMEOUT_MINUTES is not zero
// true - timeout time from last activity, false - timeout time from login
define('TIMEOUT_CHECK_ACTIVITY', true);

##################################################################
#  SETTINGS END
##################################################################


///////////////////////////////////////////////////////
// do not change code below
///////////////////////////////////////////////////////

// show usage example
if(isset($_GET['help'])) {
  die('Include following code into every page you would like to protect, at the very beginning (first line):<br><?php include("' . str_replace('\\','\\\\',__FILE__) . '"); ?>');
}

// timeout in seconds
$timeout = (TIMEOUT_MINUTES == 0 ? 0 : time() + TIMEOUT_MINUTES * 60);

// logout?
if(isset($_GET['logout'])) {
  setcookie("verify", '', $timeout, '/'); // clear password;
  header('Location: ' . LOGOUT_URL);
  exit();
}

if(!function_exists('showLoginPasswordProtect')) {

// show login form
function showLoginPasswordProtect($error_msg) {
?>
<html>
<head>
  <title>Please enter password to access this page</title>
  <META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
  <META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style type="text/css">
body,td,th {
font-family: Verdana, Geneva, sans-serif;
font-size: 10px;
color: #666;
}
body {
background-color: #FFFFFB;
}
</style>
</head>
<body>
<div align="center">
  <style>
    input { border: 1px solid black; }
  </style>
  <div style="width:600px; margin-left:auto; margin-right:auto; text-align:center">
  <form method="post">
    <h4>Please sign in using the information provided on the invitation</h4>
    <font color="red"><?php echo $error_msg; ?></font><br />
<?php if (USE_USERNAME) echo 'Login:<br /><input type="input" name="access_login" /><br />Password:<br />'; ?>
    <input type="password" name="access_password" /><p></p><input type="submit" name="Submit" value="Submit" />
  </form>
  <br />
  <a style="font-size:9px; color: #B0B0B0; font-family: Verdana, Arial;" href="http://www.zubrag.com/scripts/password-protect.php" title="Download Password Protector">Powered by Password Protect</a>
  </div>
</body>
</html>

<?php
  // stop at this point
  die();
}
}

// user provided password
if (isset($_POST['access_password'])) {

  $login = isset($_POST['access_login']) ? $_POST['access_login'] : '';
  $pass = $_POST['access_password'];
  if (!USE_USERNAME && !in_array($pass, $LOGIN_INFORMATION)
  || (USE_USERNAME && ( !array_key_exists($login, $LOGIN_INFORMATION) || $LOGIN_INFORMATION[$login] != $pass ) ) 
  ) {
    showLoginPasswordProtect("Incorrect password.");
  }
  else {
    // set cookie if password was validated
    setcookie("verify", md5($login.'%'.$pass), $timeout, '/');
    
    // Some programs (like Form1 Bilder) check $_POST array to see if parameters passed
    // So need to clear password protector variables
    unset($_POST['access_login']);
    unset($_POST['access_password']);
    unset($_POST['Submit']);
  }

}

else {

  // check if password cookie is set
  if (!isset($_COOKIE['verify'])) {
    showLoginPasswordProtect("");
  }

  // check if cookie is good
  $found = false;
  foreach($LOGIN_INFORMATION as $key=>$val) {
    $lp = (USE_USERNAME ? $key : '') .'%'.$val;
    if ($_COOKIE['verify'] == md5($lp)) {
      $found = true;
      // prolong timeout
      if (TIMEOUT_CHECK_ACTIVITY) {
        setcookie("verify", md5($lp), $timeout, '/');
      }
      break;
    }
  }
  if (!$found) {
    showLoginPasswordProtect("");
  }

}

?>

 

 

Link to comment
Share on other sites
simshaun Newbie

simshaun

Posted
Posted

Forget using an image for each guest's name.  Use a font replacement technique, such as sIFR or cufon.

 

Sorry I don't have time to help you more with the code right now, but I notice a couple things about that login code.  It only checks for a cookie.  Very insecure, but seeing as how this is just for a wedding, shouldn't be a big deal.

 

What you need to do is store their name in $_SESSION upon login (or even a cookie in your particular case).

Link to comment
Share on other sites
Rifts Advanced Member

Rifts

Posted
Posted

try this i changed the code a little so there is no cookie its sessions

 

this is a very very simple version but its a start for you I think, I'm not 100% if this is what you are even looking for but try it.

<?php
$LOGIN_INFORMATION = array(
  'steve' => 'password',
  'rick' => 'password',
  'tom'=> 'password'
);
?>

<form method="post">
<input type="text" name="access_login" value="name"><br>
<input type="text" name="access_password" value="password"><br>
<input type="submit" />


<?php
if (isset($_POST['access_password'])) {

  $login = isset($_POST['access_login']) ? $_POST['access_login'] : '';
  $pass = $_POST['access_password'];
  if (!in_array($pass, $LOGIN_INFORMATION)
  || (( !array_key_exists($login, $LOGIN_INFORMATION) || $LOGIN_INFORMATION[$login] != $pass ) ) 
  ) {
   echo "Incorrect password.";
  }
  else {
  echo "HELLO AND WELCOME ". $_POST['access_login'];
  }
  }
  ?>

 

Link to comment
Share on other sites
angelfish723 Newbie

angelfish723

Posted
  • Author
Posted

Okay, I'm getting the name to show up (almost there!!) but it shows up twice (it has one name on a line, then the line below it it says "name, you are invited..." 

 

So it's like:

 

Rick

Rick, you're invited

 

I'm also curious to find out how to make it so that if rick is the password, his name on the next page can be "Mr. Smith" ... instead of what his actual username was. Do you know how to do that?

 

Thanks so much for all your help!!

Link to comment
Share on other sites
angelfish723 Newbie

angelfish723

Posted
  • Author
Posted

If I use the code you gave me, it doesn't go to a password page first, it puts the password form on the page I want password protected. And if I replace the cookies section of my code with the code you gave me, I get a syntax error on the last line (the ?>)

 

Here is what I've got now, with the error:

 

<?php

// Add login/password pairs below, like described above
// NOTE: all rows except last must have comma "," at the end of line
$LOGIN_INFORMATION = array(
  'steve' => '121110',
  'rick' => '121110',
  'tom' => '121110'
);



// request login? true - show login and password boxes, false - password box only
define('USE_USERNAME', true);

// User will be redirected to this page after logout
define('LOGOUT_URL', 'http://www.example.com/');

// time out after NN minutes of inactivity. Set to 0 to not timeout
define('TIMEOUT_MINUTES', 30);

// This parameter is only useful when TIMEOUT_MINUTES is not zero
// true - timeout time from last activity, false - timeout time from login
define('TIMEOUT_CHECK_ACTIVITY', true);


///////////////////////////////////////////////////////
// do not change code below
///////////////////////////////////////////////////////

// show usage example

if ($username == "steve") {
echo "<img src=images/nameplates/sdougan.png>";
} elseif ($username == "rick") {
echo "<img src=images/nameplates/rmineck.png>";
} elseif ($username == "tom") {
echo "<img src=images/nameplates/tpolasik.png>";
}

if(isset($_GET['help'])) {
  die('Include following code into every page you would like to protect, at the very beginning (first line):<br><?php include("' . str_replace('\\','\\\\',__FILE__) . '"); ?>');
}

// timeout in seconds
$timeout = (TIMEOUT_MINUTES == 0 ? 0 : time() + TIMEOUT_MINUTES * 60);

// logout?
if(isset($_GET['logout'])) {
  setcookie("verify", '', $timeout, '/'); // clear password;
  header('Location: ' . LOGOUT_URL);
  exit();
}

if(!function_exists('showLoginPasswordProtect')) {

// show login form
function showLoginPasswordProtect($error_msg) {
?>

<html>
<head>
  <title>Please enter password to access this page</title>
  <META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
  <META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style type="text/css">
body,td,th {
font-family: Verdana, Geneva, sans-serif;
font-size: 10px;
color: #666;
}
body {
background-color: #FFFFFB;
}
</style>
</head>
<body>
<div align="center">
  <style>
    input { border: 1px solid black; }
  </style>
  <div style="width:600px; margin-left:auto; margin-right:auto; text-align:center">
  <form method="post">
    <h4>Please sign in using the information provided on the invitation</h4>
    <font color="red"><?php echo $error_msg; ?></font><br />
<?php if (USE_USERNAME) echo 'Login:<br /><input type="input" name="access_login" /><br />Password:<br />'; ?>
    <input type="password" name="access_password" /><p></p><input type="submit" name="Submit" value="Submit" />
  </form>
  <br />
  <a style="font-size:9px; color: #B0B0B0; font-family: Verdana, Arial;" href="http://www.zubrag.com/scripts/password-protect.php" title="Download Password Protector">Powered by Password Protect</a>
  </div>
</body>
</html>

<?php
if (isset($_POST['access_password'])) {

  $login = isset($_POST['access_login']) ? $_POST['access_login'] : '';
  $pass = $_POST['access_password'];
  if (!in_array($pass, $LOGIN_INFORMATION)
  || (( !array_key_exists($login, $LOGIN_INFORMATION) || $LOGIN_INFORMATION[$login] != $pass ) ) 
  ) {
   echo "Incorrect password.";
  }
  else {
  echo "HELLO AND WELCOME ". $_POST['access_login'];
  }
  }
  ?>

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.