fredted40x Posted October 23, 2010 Share Posted October 23, 2010 Hi, Im trying to create a really simple password protected page that is fairly secure but when the user doesnt enter a password the wrong error is displayed. Can anyone see a problem? Also could someone please check that im properly compairing the hash password of 2135fa0dd7fb99d167b420b7ff34ec98 with what the user entered when its hashed? login.php <?php session_start(); ?> <?php $submit = $_POST['submit']; $password = md5($_POST['password']); if ($submit) { if ($password) { if ($password == '2135fa0dd7fb99d167b420b7ff34ec98') { $_SESSION['user'] = logged; header('Location: page.php'); } else { header('Location: index.php?id=1'); } } else { header('Location: index.php?id=2'); } } else { header('Location: index.php?id=1'); } ?> index.php <?php $id=$_REQUEST['id']; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html lang="EN" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="content-type" content="text/xml; charset=utf-8" /> <title>Keys</title> <link rel = "stylesheet" type = "text/css" href = "css/layout.css" /> </head> <body> <div id="header"> <h1>Keys</h1> </div> <div id="secondheader"> </div> <div id="main"> <form method="POST" action="login.php"> Password: <input type="password" name="password" onfocus="selected(this)" onblur="notselected(this)"> <input type="submit" name="submit" value="Login"> </form> <br/> <?php if ($id==1) { echo "Invalid password. Please try again"; } elseif ($id==2) { echo "Please enter a password"; } ?> </div> <div id="footer"> </div> <div id="left"> </div> </body> </html> Thanks in advance. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.