1

I have made a program that lets you enter the username and password then it stores it in a text file and when i want to login i want to make it so it loops through the text file that has the usr/pass in to find if you entered your credentials in correctly. I'm not sure how to do this. please can somebody help

Improve this question
8
  • 2
    um fread, fgets etc. That said username and password then it stores it in a text file is a bad idea for several reasons. Performance will be poor, security will be poor etc. Commented Sep 29, 2018 at 16:16
  • 2
    this is only for me and someone else Commented Sep 29, 2018 at 16:18
  • 1
    This sound like a bad idea from the very beginning. Do not store usernames and passwords in a text file. There is no protection at all. Secondly do not store passwords and usernames in plain text as I assume you where thinking. Then even if you are going down this path and violating GDPR rules a loop is not needed. There are other more efficient ways to do it. Commented Sep 29, 2018 at 16:24
  • 3
    this is only for me and someone else why use a file at all you could just put them in an array right in the code. If this is not a publicly used site with no PCI, or confidential data and only your data, then you could probably get by with that as long as you know the risks of not having strong security. You can use file_put_contents('passwords.php', '<?php return '.var_export($passwords, true).';'); and then include them using $passwords = require 'passwords.php' Commented Sep 29, 2018 at 16:26
  • 3
    Agree with above. Hardcode it in to the PHP file instead. If it's only a limited number of accounts then it's no big deal. Probably much less work to do than to code a good login page. Commented Sep 29, 2018 at 16:29

2 Answers 2

Reset to default
1

Example text.txt file:

$ cat text.txt

text1|answer1
text2|answer2
text3|answer3

Example code:

cat test2.php 

<?php

$text="text1";

$file="text.txt";
$f = fopen($file, 'r');
while($data = fgets($f))
{
    $ar_data=explode('|',$data);
    if($ar_data[0]==$text) {
        echo "looking for: ".$ar_data[1]."\n";
    }
}

Example usage: $ php test2.php looking for: answer1

The text fileis not a good way for verify user credentials. You should try sql database. sqlite3 for example.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Don't answer a question with a method that is not good. Also this code is flawed on the very basic level. What if the user uses | in his name or password? Don't reinvent a square wheel.
This code should only give the idea how to loop throught the file with an example. I suggested to use other technique to do the credentials check.
People only read what they want to read. When they see a code that solves the problem they think they have they take it without caring about what happens next.
The question was: how to loop through a text file in php to find a specific line of text , mayby it was not smart to give an example with the password file.
0

You can just hard code them in an array:

 $passwords = ['someuser' => 'password'];

If you really want to store them in a file, so you can change them (for example) without editing the code, One way is to use something like this:

 $passwords = ['someuser' => 'password'];
 file_put_contents('passwords.php', '<?php return '.var_export($passwords,true).';');

This will create a file with something this in it (white space not withstanding):

 <?php return array('someuser' => 'password');

Then when you need to import it into code you can simply use

 $passwords = require 'passwords.php';

Which will put the contents of that file into that variable. Then you can check them really easily like so:

$passwords = require 'passwords.php';
if(isset($passwords[$user]) && $passwords[$user] == $password){
    //do something when logged in
}

You can also modify the array and then save it:

$passwords = require 'passwords.php';

$passwords['someuser'] = $new_password;

file_put_contents('passwords.php', '<?php return '.var_export($passwords,true).';');

Of course you can even edit the passwords manually in the file. Sort of like a config file.

As I mentioned in the comments, it's better to use the DB, encryption and what not but as you said

this is only for me and someone else

As long as you don't have any third party data, and your ok with the security implications of this, then you can probably squeak by with the above.

To explain it:

Var Export converts arrays to valid PHP code, but in a string format. Then if we add the PHP open tag <?php, the return call return and the ending ; to it and save it in a PHP file, we now have a valid PHP file with dynamic passwords saved in it as an array.

When you have such a file that returns an array, you can inject that into a variable just by setting it like I showed above. Then it's a simple matter of checking to see if everything matches up.

Performance wise your offloading most of the penalty of this to saving the file, importing an array like this is very fast as is the key lookup. Much faster then iterating though a file and trying to parse the data from it.

You'll have to get the paths and filenames right and all that Jazz, but it should be pretty strait forward.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.