You are using PHP_EOL
as string instead of as a constant:
"PHP_EOL"
should be
PHP_EOL
Also, according to your information, the data for each account is separated by a comma, but you try exploding it using a double pipe: ||
Therefore
explode( "||", $line )
should be
explode(",", $line)
OR
If you want to use the double pipe to separate username from password in your text file, you can keep your former explode()
function but then you must make sure that the double pipe is actually used.
Also, you are using ==
for an assignment, but it is only meant for comparison. In order to correctly assign explode( ",", $line )
to list($username,$password)
you need to use =
:
list($username,$password) = explode(",", $line);
Hints
Please note that when using a comma to separate username from password, and you do not have any control over how the passwords are designed, you might run into a situation such as this:
// username,password
some_name,myPass,word
Meaning that if someone picks a comma as part of their password, your call to explode()
will return unexpected information.
Please also note that storing user information in a text file like this is quite bad practice because (as it seems, the way you present your code) you have an environment in which the passwords are stored in plain text in that file. That is a security risk. Just in case you care for that.
UPDATE #1
I found another problem here:
if($_POST['username'] = $username && $_POST['password'])
Here you use a single =
sign for a comparison, which should be ==
:
if($_POST['username'] == $username && $_POST['password'] == $password)
Please note that since you didn't actually compare the passwords, i changed $_POST['password']
to $_POST['password'] == $password
.
UPDATE #2
The reason why you are getting multiple outputs is because you wrapped the entire authentication check in a foreach
loop. Your problem is that your code structure allows the loop to continue executing when it is no longer needed (when a successful login was performed).
You could update your loop to this:
$auth = false;
foreach( $file as $line ) {
list($username, $password) = explode(",", $line);
if ($_POST['username'] == $username && $_POST['password'] == $password) {
$auth = true;
break; // use this to stop iterating over $file and end the foreach-loop
}
}
if($auth) {
echo "Login successfull!";
} else {
echo "Invalid username or password";
}
UPDATE #3
If now you feel like further improving your code, you can go on by wrapping the entire login functionality into a function
by defining that function on top of your script.
function authenticate($username, $password){
$file = explode( PHP_EOL, file_get_contents( "accounts.txt" ));
foreach( $file as $line ) {
list($username, $password) = explode(",", $line);
if ($_POST['username'] == $username && $_POST['password'] == $password)
return true;
}
return false;
}
And then call this function to do the authentication like this:
if(authenticate($_POST['username'], $_POST['password'])) {
echo "Login successfull!";
} else {
echo "Invalid username or password";
}