An Example of User Authentication System in PHP II

This is a short follow-up of the last post An
Example of User Authentication System in PHP. In this post we’ll
talk about the two methods of from sending GET and POST and how thy affect the
way data sending

From the previous posts example, when we provided the username and password
and clicked on submit, we saw something like this:

If you look at the address bar, you can see the data (username and password)
being sent. Now, that’s not a good thing, if we are using a password box
to hide the password being entered then what its use is if it can be seen this
way!

The good thing is that with very few modifications, the data passed can be
made invisible (not to appear on the address bar). How? By using POST method
of data sending for the HTML form.

It can be done like below:


  <html>
  <head>
  <title>Simple Uesr Authentication System</title>
  </head>

  <body>
  <form name="form1" method="post" action="verify.php">
    <p>Uername
      <input name="user" type="text" id="user">
    </p>
    <p>Password
      <input name="pass" type="password" id="pass">
    </p>
    <p>
      <input type="submit" name="Submit" value="Submit">
    </p>
  </form>
  </body>
  </html>

As you cab see we’ve to change only one thing, just the method=”get”
to method=”post”.

And for the PHP script, we’ve got to access the data from the $_POST
[] array rather than from $_GET[].

The PHP script would look like this:


  <?php
  //define some constants
  define("USERNAME",  "goodjoe");
  define("PASSWORD",  "123456");
  define("REALNAME",  "Joe Burns");

  //have the data being passed
  $user=$_POST['user'];
  $pass=$_POST['pass'];

  //if username and password match
  if($user==USERNAME && $pass==PASSWORD)
  {
    echo "<h1>Hello ".REALNAME."</h1>";
    echo "<p>Nice to see you logging in again...</p>";
    echo "<p>USER: <i>".USERNAME."</i></p>";
  }
  //if not
  else
  {
    echo "<h1>Wrong username or password!</h1>";
  }
  ?>