Hum, well I have usernames and password stored in text file (it's just a little test), like so -

password:user1
password:user2
password:user3

Basically I'm wanting a way the password can be returned to the user on giving a correct username. I've tried the following but to no avail, it always says the password is not found...

<?php

$PHP_AUTH_UN = $_POST['username'];
$auth = false;

$filename = 'passfile.txt';
$fp = fopen( $filename, 'r' );
$file_contents = fread( $fp, filesize( $filename ) );
fclose( $fp );

$lines = explode ( "\n", $file_contents );

foreach ( $lines as $line ) {
list( $password, $username ) = explode( ':', $line );

if ( $username == "$PHP_AUTH_UN" ) {
$auth = true;
break;
}
}

if ( ! $auth ) {
echo "Sorry the password was not found";
exit;
} else {
echo "Password: " . $password;
}

?>

Trim your line and it should work for you no problems:

list( $password, $username ) = explode( ':', trim($line));

Hmm thanks but still not working and I can't see why not! :confused:

It always returns the last password/username in the text file and says the password was not found.


<?php

$PHP_AUTH_UN = $_POST['username'];
$auth = false;

$filename = 'passfile.txt';
$fp = fopen( $filename, 'r' );
$file_contents = fread( $fp, filesize( $filename ) );
fclose( $fp );

$lines = explode ( "\n", $file_contents );

foreach ( $lines as $line ) {
list( $password, $username ) = explode( ':', trim($line));

if ( $username == "$PHP_AUTH_UN" ) {
$auth = true;
break;
}
}

if ( ! $auth ) {
echo "Sorry the password was not found<br><br>";
echo "Password: " . $password . "<br>";
echo "Username: " . $username;
exit;
} else {
echo "Password: " . $password . "<br>";
echo "Username: " . $username;
}

?>

try

<?php

$PHP_AUTH_UN = $_POST['username'];
$auth = false;

$filename = 'passfile.txt';

$lines = file($filename);
foreach ( $lines as $line ) {
list( $password, $username ) = explode( ':', $line);

if (trim($username) == "$PHP_AUTH_UN" ) {
$auth = true;
break;
}
}

if ( ! $auth ) {
echo "Sorry the password was not found<br><br>";
}
echo "Password: " . $password . "<br>";
echo "Username: " . $username;
?>

I'd also use the file() method as it would save you some work. However, another possibility is perhaps the use of a different OS than a *nix or using an IIS server instead of an apache. IIS will not register new lines as a \n. I believe it is a \n\r for windows (I think its \n for apache, \n\r for IIS and a mac would be a \r; someone correct me if I'm wrong).
If this is the case, file() should fix this for you, as it is sent back to you in an array instead of a string, with far less work.

You will need more validation as well. Your code mearly presents itself as a username check without any password varification. I assume however this is trimmed code for identifying the actual problem correct?
As well, I copied and pasted this code to work on mine, no problems on win32 apache w/php4.3.8 and 5.0.1. The only alteration that I made was the addition of a form to send the data.


Hey raf, where've you been? Been awhile since I've seen you last...

I'm still having no luck at all with this. :(

Validation is not important at this stage, it is only a test at the moment, but the procedure will be changed. I'm just wanting to get this to work at the moment!

No problem with the validation, thats simple to do. No luck with raf's suggestion either?
Here's what I used, pretty much an exact replica - pardon the poor initialization of variables and whatnots, but we'll worry about that after. Try running this one through, and filling out the form:

<form method="post">
<input type="text" name="username" value="" />
<input type="password" name="password" value="" />
<input type="submit" name="submit" value="submit" />
</form>
<?php
error_reporting(E_ALL & ~E_NOTICE);

if (isset($_POST['submit']))
{

$PHP_AUTH_UN = $_POST['username'];
$auth = false;

$filename = 'passfile.txt';
$fp = fopen( $filename, 'r' );
$file_contents = fread( $fp, filesize( $filename ) );
fclose( $fp );

$lines = explode ( "\n", $file_contents);

foreach ( $lines as $line ) {
list( $password, $username ) = explode( ':', trim($line));

if ( $username == "$PHP_AUTH_UN" ) {
$auth = true;
break;
}
}

if ( ! $auth ) {
echo "Sorry the password was not found";
exit;
} else {
echo "Password: " . $password;
}

}
?>

Let me know of how this turns out. If it works, we'll switch it to a file() method to save time and space.

Still not working. :o

Should it matter that I'm submitting to a different file?

Not at all, so long as your form is using a post method (otherwise use a $_GET/$_REQUEST superglobal), and the field username does exist correctly.
If you want, you can also post your form, that may show something more. Otherwise, I'm at a loss for this one, I've never seen a problem stubborn like this before.
Oh yeah, this assumes that 'passfile.txt' is also existant, named correctly, and readable. Guess you should check that. Of course, if it picks up at least the last entry, you're guarenteed that its readable, but just a thought as well.

BTW, is your server sofware apache, or is it something different?

Yup sure is stubbon!

Form -


<form action="process.php">
<fieldset>
<ul>
<li><span>Username:</span>
<input type="text" name="username" value="<?php echo $un ?>" size="60">
<input type="submit" value="Submit"></li>
</ul>
</fieldset>
</form>


Process.php -


<?php
$PHP_AUTH_UN = $_POST['username'];
$auth = false;

$filename = 'passfile.txt';
$fp = fopen( $filename, 'r' );
$file_contents = fread( $fp, filesize( $filename ) );
fclose( $fp );

$lines = explode ( "\n", $file_contents);

foreach ( $lines as $line ) {
list( $password, $username ) = explode( ':', trim($line));

if ( $username == "$PHP_AUTH_UN" ) {
$auth = true;
break;
}
}

if ( ! $auth ) {
echo "Sorry the password was not found";
echo $PHP_AUTH_UN;
echo $password;
exit;
} else {
echo "Password: " . $password;
}

?>

Ah.

<form action="process.php" method="post">

You need the method="post" in there. Go figure, html isn't smart enough to send form data as a post method by default :p

lol, it was that simple! I was thinking that the post method was default, ah well, thanks! :thumbsup:

Yep, n/p. Let us know if you need validation help.
I'll mention this offhand as well. Encrypt your passwords, md5 is a good option. Move passfile.txt above your webroot to stop people from being able to view it. Also, you need a sessions method of some sorts to control it so the client needn't login everytime - remember, cookies are your enemy.
Take care!