-3

I'm trying to make a password only login in php, because I have a "pocket server" wich always changes domains (I use ngrok so I don't have to portforward), And I need a domain tracer so my users always know the link to my pocket server, I already have a website and I want to make it so I don't have to make a complicated login system, I want to identify myself just by a password and nothing else, the website is simple it has a textbox and some text

Goals:

-Have a simple password login

-And If I am logged in, i can change the domain displayed on the public website

My code so far:

    <!DOCTYPE html>
<html>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <title>Killer Doge</title>
  <link rel="stylesheet" href="style.css">
</head>
<body>
<h1>Killer Doge Tracer (Link changes daily)</h1>
<?php
$text = "domain";
?>
<p>Current domain:</p>
<?php
echo $text;
?>
<br>
<?php echo '<input type="text" name="name1" value="'.$admin.'">';
If ($admin == "694205") {
    echo yees;
}

?>
</body>
</html>
user5589479
  • 29
  • 2
  • 5
  • 2
    What about http://stackoverflow.com/questions/5229656/password-protecting-a-directory-and-all-of-its-subfolders-using-htaccess? – chris85 Dec 25 '16 at 23:57
  • 2
    that is pseudo code `echo yees;` am sure. If not, then that would throw you an `undefined constant yees` notice and that `$admin` must defined elsewhere, right? I'm just not a big fan of pseudo/unknowns. – Funk Forty Niner Dec 26 '16 at 00:00
  • 1
    you've an answer now; ask them. I'm off to have me some egg nogg. – Funk Forty Niner Dec 26 '16 at 00:04
  • 1
    Possible duplicate of [Creating a login system in PHP](http://stackoverflow.com/questions/11314373/creating-a-login-system-in-php) – rob2universe Dec 26 '16 at 02:40

1 Answers1

0

It's pretty much what @Maarten van Middelaar said, but a tad more complicated.

I'll try to explain through code comments:

<?php // always start the session first.
  if (session_status() == PHP_SESSION_NONE) {
    session_start();
  }
  //Check if loginform was submitted:
  if(isset($_POST['admin'])){
    if($_POST['admin'] == '12345678'){
      //user logged in correctly, store in session so you don't get instantly logged out:
      $_SESSION['loggedIn'] = "logged in!";
    }
  }

//check if domainchanger form was submitted and user is logged in
  if(isset($_POST['newdomain']) && isset($_SESSION['loggedIn'])){
   $newDomain = $_POST['newdomain'];
   //TODO: Set new domain in the database so your website can retrieve it.     
  }

  //Check if user is not logged in already
  if(!isset($_SESSION['loggedIn'])):
  //Show login form if not logged in
?>
<form method="post">    
   <input type='text' name='admin' />    
   <input type='submit' value="log in!" />    
</form>

<?php else:
//if logged in, show domain changer thing
//Show the current domain as the default value for the input
//TODO: make database connection here to get current domain
//structure: Create query to get current domain -> $currentDomain = dbresult
?>
<form method="post">
  <input type="text" name="newdomain" value="<?= $currentDomain ?>" />
  <input type='submit' value="change domain!"/>    
</form>
<?php endif ?>

I hope this makes everything clear. Tried to do it as step-by-step as possible. Please let me know if you have any questions :)

NoobishPro
  • 2,539
  • 1
  • 12
  • 23
  • Thank you, but there is an error on line 3, and I can't figure out what is the problem – user5589479 Dec 26 '16 at 09:30
  • @user5589479 I'm so sorry. Christmas drunkness and all that! I forgot to close the parenthesis `()` after the isset() functions. Note how it was `if( < isset( < $_POST['value'] >)` , clearly missing a `)`. I've updated my answer. – NoobishPro Dec 26 '16 at 11:56
  • Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at E:\xampplite\htdocs\tracker\dogetracker.php:1) in E:\xampplite\htdocs\tracker\dogetracker.php on line 1 What does this mean? – user5589479 Dec 26 '16 at 12:17
  • @user5589479 "Headers already sent" means you are already outputting something before calling `SESSION_START();`. `SESSION_START();` should always be **on the first line** in whatever you are doing. – NoobishPro Dec 26 '16 at 12:26
  • Nope, It's on the firs line – user5589479 Dec 28 '16 at 01:31
  • @user5589479 are you using any kind of framework? Are you including this script inside another file? Because it has to be on line 1 of the FIRST file. – NoobishPro Dec 28 '16 at 23:39