need login/user authentication script (NOT asp)

[deepwaters]

hello. i need a script that i can use for login/user authentication. i prefer the kind that allows me to embed the username and password prompts right in the web page (as opposed to a windows pop-up prompt). one that uses a mysql dbase would be ideal. can anyone recommend? thanks.

[[Unknown]]

Well, you *could* use this forum's authentication and SSI.php......

-[Unknown]

[deepwaters]

thanks for your response. where do i get it and how do i use it?

[[Unknown]]

Well, do you have/use SMF?

If not, it may not be the best solution.  If you do, please look at ssi_examples.php.

-[Unknown]

[deepwaters]

thanks. i do now. installed it about 15 mins ago. trying to figure out how i can force people to login in order to view certain pages. i tried using an include statement at the top of the web page i want to protect, but it didn't work properly (i.e. i was able to pull the web page right up). can you help? thanks.

also, why are the powered by php and powered by mysql logos grayed out at the bottom of my smf forum page?

[[Unknown]]

They are greyed out because they are "nerdish" .  Hover over them and they will light up .

This type of simple script should do the trick:

Code Select Expand

<?php
include('/path/to/SSI.php');

is_not_guest();

?>

Guests can't see this!!

-[Unknown]

[deepwaters]

it didn't like that:
Warning: session_start(): Cannot send session cookie - headers already sent by (output started at ...) in <SSI.php path> on line 93
Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at...) in <SSI.php path> on line 93
Warning: Cannot modify header information - headers already sent by (output started at...) in <SSI.php path> on line 96

[[Unknown]]

Remember, this part:

<?php
include('/path/to/SSI.php');

Must be literally the first thing in the file.  Before the doctype, before any html, before any spaces.

-[Unknown]

[deepwaters]

i had a comment before the first line. 
i fixed it, but now it's giving me access to my protected page even when i'm not logged in. i deleted cookies (just in case), but i'm still getting access. 

[[Unknown]]

Are you sure that is_not_guest() is there?

How about this, what does this say?

Code Select Expand

<?php
require('/path/to/SSI.php');

var_dump($user_info['is_guest']);

?>

-[Unknown]

[whiterabbit]

I guess, you haven't logout before you came back to see that page, right?

You may wanna try;  put ssi_logout(); on the page and try login and logout and see what will happen.

[deepwaters]

Are you sure that is_not_guest() is there?

How about this, what does this say?

Code Select Expand

<?php
require('/path/to/SSI.php');

var_dump($user_info['is_guest']);

?>


-[Unknown]

the check for guest condition seems to be working fine. it says: bool(false) if i'm logged in and bool(true) if logged out. the problem is that it is still displaying the information on the protected page, even when i'm not logged in. what i expected it to do is indicate that i have to login in order to view the contents of the protected page and NOT display the protected info. any idea what i'm missing?

whiterabbit: i did include the logout code on the page. thanks.

[deepwaters]

hello again. i went back to the original code that [Unknown] gave me to try. here are the results:

testprotected.php has the following code at the top of the page (before any other code):
<?php
include('<path>/SSI.php');
is_not_guest();
?>

when i go to testprotected.php
if not logged in, goes to forum login page (which is fine)

if i log in and refresh the testprotected.php page
it takes me to the protected page (which is fine).

here's where things get crazy: if i log out and refresh the testprotected.php page i get:
Warning: Cannot modify header information - headers already sent by (output started at <path>Sources/Load.php:812) in <path>Sources/Subs.php on line 1598

Warning: Cannot modify header information - headers already sent by (output started at <path>Sources/Load.php:812) in <path>Sources/Subs.php on line 1599

Warning: Cannot modify header information - headers already sent by (output started at <path>Sources/Load.php:812) in <path>Sources/Subs.php on line 1603

Warning: Cannot modify header information - headers already sent by (output started at <path>Sources/Load.php:812) in <path>Sources/Subs.php on line 1604


forum login page is displayed beneath these warnings. if i log back in, it takes me to the protected page. if i log back out and refresh testprotected.php, i get the above warnings again. so it works unless i log in, log out and then go back to testprotected.php. i'm missing something, but have no idea what it is.

[[Unknown]]

Please try:

Code Select Expand

<?php

ob_start();
require('/path/to/SSI.php');

is_not_guest();

?>

-[Unknown]

[deepwaters]

thank you very much. that did the trick. 

[Monkey]

Hi, I'm also looking for a similar script but I cannot use SMF. I'm looking to authenticate serveral users then send them to their appropriate sections of the site. I have no SQL db so it would have to be flat file? Any ideas... I think I've just seen every pages on the internet looking for a solution 

[[Unknown]]

Apache?  Have you tried its internal authentication?

-[Unknown]

[roboter88]

My sollution would be...

Install SMF and use the admin to give special groups or members the privileg to view special boards inside the forum.

Also you can configure this to only viewable by those group/members - the board.

If you use a php website just google for a login script without Database?

There are hundreds of sollution for special/member areas...


l8r

[[Unknown]]

Install SMF

No SQL he said.

-[Unknown]

[Tomer]

I guess you can create an array of usernames and passwords in the file, and check if they match, but i'm not sure how exactly.