File authentication

Ask about general coding issues or problems here.

Moderators: egami, macek, gesf

Post Reply
New php-forum User
New php-forum User
Posts: 34
Joined: Wed Dec 25, 2002 6:04 am
Location: The Netherlands

Sat Mar 29, 2003 8:36 am

Hi, I'm a script that authenticates users against a file. Whe you register a user, the script adds the "username:password\n" to the file (note. password is md5 encrpted). This is an extract from the password file:

Code: Select all


For some reason, when someone logs in, it allways sais the username/password is incorect. Heres the part of the code that authenticates the user:

Code: Select all

function check_pass($login, $password) {
   global $password_file;
   if(!$fh = fopen($password_file, "r")) { die("<P>Could Not Open Password File"); }
   $match = 0;
   $password = md5($password);
   while(!feof($fh)) {
      $line = fgets($fh, 4096);
      $user_pass = explode(":", $line);
      if($user_pass[0] == $login) {
         if(rtrim($user_pass[1]) == $password) {
            $match = 1;
   if($match) {
      return 1;
   } else {
      return 0;

and then:

Code: Select all

   if(check_pass($login, $password))
     print("Thank you for logging in");
     $valid = 1;
     print("<p><a href = test.php>Whatever</a>");   
   } else
     print("Username/password not correct, please try again<p>");
     $valid = 0;

Any ideas why it doesnt work?

New php-forum User
New php-forum User
Posts: 147
Joined: Tue Nov 19, 2002 7:47 am
Location: US, Ohio

Mon Mar 31, 2003 4:55 am

I'm not sure, the code looks ok to me. Perhaps you are reading in a white space or some other character after the password in the file? In the example, there is a white space after the passwords, so it might be reading in that space and not matching exactly. try using the TRIM() function on both md5 passwords before your comparison.

Also, I dont' think it reads in the end of line character, but it might be something else to watch for.

sorry, looks like you already are trimming the password. Not sure what it is then. :]

User avatar
Posts: 826
Joined: Tue Jan 21, 2003 10:42 pm
Location: Michigan USA

Mon Mar 31, 2003 11:35 pm

Is register_globals turned off on your server. That might be the problem.

Post Reply