user5301755 user5301755 - 4 months ago 7
PHP Question

I Need Tips to make my PHP password work

I have trouble with these codes:

password.php:

<html>

<head>

<title>Password!</title>
<meta charset="UTF-8">

</head>

<body>

<ul>

<form action="check.php" method="POST">

<li><input type="password" name="no1" placeholder="enter your password"></li>
<li><input type="submit" value="GO!"></li>

</form>

</ul>

</body>


Here is password2.php:

<html>

<head>

<title>Password!</title>
<meta charset="UTF-8">

</head>

<body>

<ul>

<form action="check.php" method="POST">

<li><input type="password" name="name" placeholder="verify your password"></li>
<li><input type="submit" value="GO!"></li>

</form>

</ul>

</body>


And here is check.php:

<?php

$enter = $_POST['no1'];

if (empty($enter)) {
echo "Please enter password!";
}

if (!(empty($enter))) {
echo "Your password is $enter";
}


?>

<html>
<body>
<p><a href="password2.php">Move on!</a></p>
</body>
</html>

<?php

$check = $_POST['name'];

if ($check == $enter) {
echo "Acces Granted";
}

if (!($check == $enter)) {
echo "Acces denied!";
}

?>


The troubles I have are:


  • check.php doesn't recognise "name" from password2.php

  • And I can't verify the password


Answer

Because $_POST variable is not persistent between requests it would not work. You can store the value from first form in the $_SESSION variable and retrieve it from session.

More info about php sessions here

Leave everything as it is in your question except check.php, here is the modified one:

           <?php

            //starting the session in PHP
            session_start();

            $enter = null;

            // this is all the logic you need for retrieving `no1` from POST or SESSION 
            if (isset($_POST['no1'])){
                $enter = $_POST['no1'];
                $_SESSION['no1'] = $enter;
            }elseif(isset($_SESSION['no1'])){
                $enter = $_SESSION['no1'];
            }




            if (empty($enter)) {
                echo "Please enter password!";
            }

            if (!(empty($enter))) {
                echo "Your password is $enter";
            }


            ?>

                <html>
                <body>
                <p><a href="password2.php">Move on!</a></p>
                </body>
                </html>

            <?php

            $check = $_POST['name'];

            if ($check == $enter) {
                echo "Acces Granted";

                // you can comment the next line if you are debugging,
                // but after that you should destroy de session so you don't have a password as plain text
                session_destroy();
            }

            if (!($check == $enter)) {
                echo "Acces denied!";
            }

            ?>
Comments