File authentication

Ask about general coding issues or problems here.

Moderators: macek, egami, gesf

nick_k
New php-forum User
New php-forum User
Posts: 34
Joined: Wed Dec 25, 2002 6:04 am
Location: The Netherlands
Contact:

File authentication

Postby nick_k » Sat Mar 29, 2003 8:36 am

Hi, I'm a script that authenticates users against a file. Whe you register a user, the script adds the "username:password\n" to the file (note. password is md5 encrpted). This is an extract from the password file:

Code: Select all

john:527bd5b5d689e2c32ae974c6229ff785
nick:e10adc3949ba59abbe56e057f20f883e


For some reason, when someone logs in, it allways sais the username/password is incorect. Heres the part of the code that authenticates the user:

Code: Select all

function check_pass($login, $password) {
   global $password_file;
   if(!$fh = fopen($password_file, "r")) { die("<P>Could Not Open Password File"); }
   $match = 0;
   $password = md5($password);
   while(!feof($fh)) {
      $line = fgets($fh, 4096);
      $user_pass = explode(":", $line);
      if($user_pass[0] == $login) {
         if(rtrim($user_pass[1]) == $password) {
            $match = 1;
            break;
         }
      }
   }
   if($match) {
      return 1;
   } else {
      return 0;
   }
   fclose($fh);
}

and then:

Code: Select all

 if(isset($checkpass))
 {
   if(check_pass($login, $password))
   {
     print("Thank you for logging in");
     $valid = 1;
     print("<p><a href = test.php>Whatever</a>");   
   } else
   {
     print("Username/password not correct, please try again<p>");
     $valid = 0;
     print_login_form();
   }
 }

Any ideas why it doesnt work?

User avatar
Skeletor
New php-forum User
New php-forum User
Posts: 147
Joined: Tue Nov 19, 2002 7:47 am
Location: US, Ohio
Contact:

Postby Skeletor » Mon Mar 31, 2003 4:55 am

I'm not sure, the code looks ok to me. Perhaps you are reading in a white space or some other character after the password in the file? In the example, there is a white space after the passwords, so it might be reading in that space and not matching exactly. try using the TRIM() function on both md5 passwords before your comparison.

Also, I dont' think it reads in the end of line character, but it might be something else to watch for.

***
sorry, looks like you already are trimming the password. Not sure what it is then. :]

User avatar
Redcircle
Moderator
Moderator
Posts: 830
Joined: Tue Jan 21, 2003 10:42 pm
Location: Michigan USA
Contact:

Postby Redcircle » Mon Mar 31, 2003 11:35 pm

Is register_globals turned off on your server. That might be the problem.


Return to “PHP coding => General”

Who is online

Users browsing this forum: No registered users and 1 guest

cron