Login session reading flatfile

Time: 2015-09-11 10:52:47

Tags: php session logging flat-file

I found this amazing code for a flatfile login session:

<?php class Login {
   // ATTRIBUTES
   // User-modifiable:
   var $userFile = 'users.txt';  // pathname of user login data file
   var $homePage = "";           // redirect to this URI after logout
   // Do not modify below this line....
   var $formData = array();
   var $userData = array();

// Constructor
   function Login() {
      // init formData values:
      $this->formData['loginId'] = "";
      $this->formData['loginPassword'] = "";
      $this->formData['loginAccess'] = "";
      // start session
      session_start();
      // handle logout request:
      if(!empty($_POST['logout']) or !empty($_GET['logout'])) {
         $this->logout(); }
      // handle login request:
      elseif(isset($_POST['log_in']) and $this->validateLogin()) {
         return(TRUE); } // successful login
      // see if we're already logged in:
      elseif(!empty($_SESSION['loginId'])) {
         return(TRUE); } // already logged in
      // display the login form instead of the requested page:
      $this->loginForm();
      exit; }
// end constructor

/* Bool validateLogin() returns TRUE if login/password are valid. Returns FALSE and sets $this->errorMessage if invalid or other error. */
   function validateLogin() {
      $this->errorMessage = '';
      $this->processLoginInput();
      if($this->parseUserFile()) {
         // strict comparison (===) so hex digests are compared as strings, never as numbers
         if(isset($this->userData[$_POST['name']]) and md5($_POST['password']) === $this->userData[$_POST['name']]['password']) {
            $_SESSION['loginId'] = $_POST['name'];
            $_SESSION['admin'] = $this->userData[$_POST['name']]['admin'];
            return(TRUE); }
         else { $this->errorMessage = "Invalid user name and/or password"; } }
      else { $this->errorMessage = "Unable to read user login data file"; }
      return(FALSE); }
// end validateLogin()

/* Mixed parseUserFile(). Returns number of users in userFile, else FALSE */
   function parseUserFile() {
      $this->userData = array();
      if(is_readable($this->userFile)) {
         $lines = file($this->userFile);
         foreach($lines as $line) {
            $line = trim($line);
            if($line == "") { continue; }
            $parts = preg_split('/\s+/', trim($line));
            if(count($parts) >= 3) {
               list($user, $password, $admin) = $parts;
               $this->userData[$user]['password'] = $password;
               $this->userData[$user]['admin'] = $admin; } } }
      return((count($this->userData)) ? count($this->userData) : FALSE ); }
// end parseUserFile()

/* Bool loginForm(). Outputs login form HTML. Returns TRUE. */
   function loginForm() {
      echo <<<EOD
<form action="{$_SERVER['PHP_SELF']}" method="post">
EOD;
if(!empty($this->errorMessage)) { echo "<p id='error'>".$this->errorMessage."</p>\n"; }
echo <<<EOD
<input type="text" name="name" id="name" size="16">
<input type="password" name="password" id="password" size="16">
<input type="submit" name="log_in" id="log_in" value="Log In">
</form>
EOD;
return(TRUE); }
// end loginForm()

/* Int processLoginInput(). Cleans up and sanitizes $_POST data. Returns number of elements in $_POST array. */
   function processLoginInput() {
      foreach($_POST as $key => $value) {
         if(isset($this->formData[$key])) {
            if(get_magic_quotes_gpc()) {
               $value = stripslashes($value); }
            $this->formData[$key] = htmlentities(trim($value)); } }
      return(count($_POST)); }
// end processLoginInput()

/* Bool logout(). Logs out user. Returns TRUE or redirects and exits. */
   function logout() {
      $_SESSION = array();
      if (isset($_COOKIE[session_name()])) {
         setcookie(session_name(), '', time()-42000, '/'); }
      session_destroy();
      if(!empty($this->homePage)) {
         header("Location: " . $this->homePage);
         exit; }
      return(TRUE); }
// end logout()

}  // end class Login

// Instantiate it:
$login = new Login(); ?>

This is the users.txt file, which contains the user, the md5-encoded password, and whether the user is admin (1) or not (0). [admin, password] [user1, password1] [user2, password2]

admin   5f4dcc3b5aa765d61d8327deb882cf99    1
user1   7c6a180b36896a0a8c02787eeafb0e4c    0
user2   6cb75f652a9b52798eb6cf2201057c73    0

My question: I want to remove the user from the login, I mean only the password should be needed to log in. I tried this:

/* Bool validateLogin() returns TRUE if login/password are valid. Returns FALSE and sets $this->errorMessage if invalid or other error. */
   function validateLogin() {
      $this->errorMessage = '';
      $this->processLoginInput();
      if($this->parseUserFile()) {
         if(md5($_POST['password']) == $this->userData['password']) { //removed if(isset($this->userData[$_POST['name']]) and [$_POST['name']]
            $_SESSION['loginId'] = $_POST['password']; //changed 'name' for 'password'
            $_SESSION['admin'] = $this->userData['admin']; //removed [$_POST['name']]
            return(TRUE); }
         else { $this->errorMessage = "Invalid user name and/or password"; } }
      else { $this->errorMessage = "Unable to read user login data file"; }
      return(FALSE); }
// end validateLogin()

/* Mixed parseUserFile(). Returns number of users in userFile, else FALSE */
   function parseUserFile() {
      $this->userData = array();
      if(is_readable($this->userFile)) {
         $lines = file($this->userFile);
         foreach($lines as $line) {
            $line = trim($line);
            if($line == "") { continue; }
            $parts = preg_split('/\s+/', trim($line));
            if(count($parts) >= 3) {
               list($user, $password, $admin) = $parts;
               $this->userData['password'] = $password; //removed [$user]
               $this->userData[$user]['admin'] = $admin; } } }
      return((count($this->userData)) ? count($this->userData) : FALSE ); }
// end parseUserFile()

It only works for the last password in the list; the rest of the passwords don't work. Any help? Where did I go wrong?

0 answers:

No answers
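
An added example, not part of the original post or of the Login class: a password-only lookup over the same users.txt format. It shows why writing every line to the single key `userData['password']` leaves only the last line's hash, and keeps one record per line instead. The function names `parseUserLines` and `findByPassword` are hypothetical, and the sample lines are the three entries shown above.

```php
<?php
// Added example (not from the original post). Function names are hypothetical.

/** Parse "user  md5hex  adminflag" lines into a list of records. */
function parseUserLines(array $lines): array {
    $records = [];
    foreach ($lines as $line) {
        $parts = preg_split('/\s+/', trim($line));
        if (count($parts) >= 3) {
            // Append one record per line. Assigning to one fixed key here
            // would overwrite the previous line on every iteration.
            $records[] = ['user' => $parts[0], 'password' => $parts[1], 'admin' => $parts[2]];
        }
    }
    return $records;
}

/** Return the matching record for a password-only login, or null. */
function findByPassword(array $records, string $password): ?array {
    $candidate = md5($password);      // matches the page's users.txt format
    $match = null;
    foreach ($records as $rec) {
        // hash_equals(): constant-time, strict string comparison, so
        // "0e..."-style digests are never compared as numbers as with ==.
        if (hash_equals($rec['password'], $candidate)) {
            $match = $match ?? $rec;  // first match wins; keep scanning
        }
    }
    return $match;
}

// Constructed sample input: the three lines shown on the page.
$lines = [
    "admin   5f4dcc3b5aa765d61d8327deb882cf99    1",
    "user1   7c6a180b36896a0a8c02787eeafb0e4c    0",
    "user2   6cb75f652a9b52798eb6cf2201057c73    0",
];
$records = parseUserLines($lines);

foreach (['password', 'password1', 'password2', 'wrong'] as $pw) {
    $rec = findByPassword($records, $pw);
    echo $pw, ' => ', $rec ? "{$rec['user']} (admin={$rec['admin']})" : 'rejected', PHP_EOL;
}
```

With password-only login, two accounts that share a password cannot be told apart, so the first matching line decides the `admin` flag. MD5 is kept here only to match the file on the page; PHP's `password_hash()` and `password_verify()` are the standard functions for storing and checking passwords.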