Can't figure out how to implement auth

Question

Can't figure out how to implement auth

ZeWaka opened this issue 9 years ago · 3 comments

I'm probably just being stupid, but I've tried many variants of an auth system with this and none of them have worked. I tried to use a system with a login.php but the page was stuck in an infinite loading loop when I used that. I'm just trying to do something super simple for a music fileserver for some friends. The code I used:

login.php in root

<?php
$name = $_POST['name'];
$pass = $_POST['pass'];

if( isset($name) || isset($pass) )
{
    if( empty($name) ) {
        die ("ERROR: Please enter username!");
    }
    if( empty($pass) ) {
        die ("ERROR: Please enter password!");
    }


    if( $name == "<some name>" && $pass == "<some password>" )
    {
        // Authentication successful - Set session
        session_start();
        $_SESSION['auth'] = 1;
        setcookie("username", $_POST['name'], time()+(84600*30));
        header('Location: index.php');
        exit;
    }
    else {
        echo "ERROR: Incorrect username or password!";
    }
}


// If no submission, display login form
else {
?>
    <html>
    <head></head>
    <body>
    <center>
    <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
    Username: <input type="text" name="name" value="<?php echo $_COOKIE['username']; ?>">
    <p />
    Password: <input type="password" name="pass">
    <p />
    <input type="submit" name="submit" value="Log In">
    </center>
    </body>
    </html>
<?php
}
?>

user.config.php

<?php
function auth() {
  session_start();
  if( $_SESSION['auth'] != 1 ) {
    require( 'login.php' );
    return true
  }
  else {
    echo "hello";
    return false
  }
}
$fm = new Filemanager();
?>

Answer 1 · 2016-05-16T10:42:21.000Z

What do you expect of require( 'login.php' ) ?
Use header Location to redirect to appropriate page in case of auth is failed.

Answer 2 · 2016-05-16T16:27:25.000Z

So, I tried replacing the require with a header in user.config.php.
It's still not cooperating and giving me errors. Is it somehow not able to find login.php since it is in a different directory? I tried putting one in the same directory and it did not work either.

user.config.php

Answer 3 · 2016-05-16T18:54:02.000Z

this is nothing to do with Filemanager but with your PHP skills.

First of all, reove echo "hello" lines ... because your script is not supposed to display anything here ...
And then, just pass the right parameter to the header function.

Most contemporary clients accept relative URIs as argument to » Location:, but some older clients require an absolute URI including the scheme, hostname and absolute path. You can usually use $_SERVER['HTTP_HOST'], $_SERVER['PHP_SELF'] and dirname() to make an absolute URI from a relative one yourself
Source : http://php.net/manual/en/function.header.php

it means you must replace the header call to something like :

header("Location: http://www.yourhost.com/yourapp/login.php");