6 replies to this topic

[ShadowDeath01]

I am trying to make a PHP CMS, not just a news CMS but I full CMS with like tutorials, downloads, forums, user management, etc. But right now i am having problems with the array I am using for the admins. I want it to where there can be more than one admin, so I tried this:

 
<?php
$admin=array(
'user' => 'admin',
'pass' => 'password',
'user' => 'admin2',
'pass' => 'password2'
);
?>

so that didn't work. it would let me login as admin2 but not admin. so I tried this:

<?php
$admin=array(
'user' => 'admin',
'pass' => 'password'
);

$admin=array(
'user' => 'admin2',
'pass' => 'password2'
);
?>

that didn't work either it did the same thing. would let me login as "admin2" but not "admin".

so, i guess what i am trying to say is how can I add 2+ admin accounts in the same array using the same vars so i don't have to change the rest of the CMS that requires an admin to be logged in. Thanks.

**Note: users and passes changed for security issues in the script.

[rc69]

Array keys have to be unique, which is the first reason it won't work. The second reason is, you're resetting $admin and erasing the old data when you try to add admin2 to it.

$admin = array('username' => 'admin', 'password' => 'pass',
			   'username2' => 'admin', 'password2' => 'pass');
$admin['username3'] = 'admin';
$admin['password3'] = 'pass';

Those are a couple of examples of what you could do to make things easier on your self. You can look at php.net for more info on arrays.

[coolaid]

ahem, i think multidimensional would work best here

$admins = array('
	array(
		"admin_name",
		"password"
	),

	array(
		"admin2_name",
		"password"
	)
);

so first admin info is $admins[0][0] for the name and $admins[0][1] for the password.

the 2nd admin would be $admins[1][0] for the name and $admins[1][1] for the password

[cheerio]

$admins = array(
"admin1" => "adminpass1",
"admin2" => "adminpass2"
);
foreach($admins as $user=>$pass)
{
  if($_POST['user']==$user && $_POST['pass']==$pass)
  {
	//LOGGED IN
  }
}

If you are saving user+pass in a cookie/session, change $_POST. This script is just the logging in part, but you can change it to your needs

[ShadowDeath01]

yes it is for a login script for the admin panel of the CMS. here is the code for the login part

login.php:

<?php
include("config.php");
$ip=$_SERVER['REMOTE_ADDR'];
if($_POST['Submit'])
{
$user = $_POST['user'];
$pass = $_POST['pass'];
if($user == "$admin[user]" && $pass == "$admin[pass]")
{
setcookie('user', $user, time()+3600000);
setcookie('pass', $pass, time()+3600000);
echo "Welcome $user, you are now logged in! <a href='admin.php'>Continue to the admin section?</a>";
}
else
{
echo 'Wrong username and/or password! Your IP ('.$ip.') has been logged incase of a hacking attempt!';
}
}
else
{
?>
<form action="<?php $_SERVER['PHP_SELF']; ?>" method="post"><table border="0">
<tr>
<td>Username:</td>
<td><input name="user" type="text" id="user"></td>
</tr>
<tr>
<td>Password:</td>
<td><input name="pass" type="password" id="pass"></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table></form>
<?php
};
?>

and the admin users and passes are stored in config.php which is where the arrays come in.

config.php (wrong version):

<?php
$admin = array(
'user' => 'admin',
'pass' => 'password'
);
$admin = array(
'user' => 'admin2',
'pass' => 'password'
);

but if i changed "config.php" to:

<?
$admin= array(
'user' => 'admin',
'pass' => 'password'
);

array(
'user' => 'admin2',
'pass' => 'password'
);
?>

then i could login as admin, or admin2?

oh and in login.php i know there isn't anything to log the ip i am gonna work on that later. lol

Edited by ShadowDeath01, 22 August 2006 - 09:35 PM.

[rc69]

If you're going to go for multi-dimensional, i would set it up a little differently.

$users = array('admins' => array('username' => 'password'),
								 'user2' => 'pass2'));
if($users['admins'][$_COOKIE['user']] == $_COOKIE['password']){
  // you logged in
}

You could also go about it like so:

$users = array('username' => array('password', 'admin'),
			   'user2' => array('pass2')); /* User2 not being an admin, simply add the admin key to make him an admin */
if($users[$_COOKIE['username']][0] == $_COOKIE['pass'] && $users[$_COOKIE['username']][1] == 'admin'){
  // You are logged in and an admin
}

Of course, don't forget to encrypt your passwords, especially if you're using a cookie or a session.

[ShadowDeath01]

well if someone could look at my post above rc69's can someone edit it to make it work with login.php because i am still a noob at php i just know the basics. thanks