
 

Simple XML Login



<?xml version="1.0"?>
<!--
  User store for the login example (presumably the site_users_sx_1.xml file that the
  PHP listing on this page loads; confirm).
  user_pass holds bcrypt hashes (the $2y$10$ prefix means cost 10), never plaintext passwords.
  access is mapped by the login script as 0 = Administrator, 1 = Manager, 2 = User.
  status is not read by the login script shown on this page.
  Keep this file outside the web-served directory, or deny requests for it in the server
  configuration: anyone who can download it obtains every hash for offline guessing.
-->
<users>
	<user user_id="0" status="1" access="0">
		<user_name>dirkDirk</user_name>
		<user_pass><![CDATA[$2y$10$5RcTqwdZDE2NTJxiZuUF1.aaxFVUCaDYO7KAbLtbSEtGz7qXdxqky]]></user_pass>
	</user>
	<user user_id="1" status="1" access="1">
		<user_name>lanceLance</user_name>
		<user_pass><![CDATA[$2y$10$3D2jTVhvihST8N6ycSgEl.mggiAJYlhSwTQIVC1XrX7fVwYBOAbbq]]></user_pass>
	</user>
	<user user_id="2" status="1" access="2">
		<user_name>hermHerm</user_name>
		<user_pass><![CDATA[$2y$10$R0M6lNYnUv5z5Clj6xk92eJxC8u08dj7jpKvftL2.qkq7ZCEJN.l.]]></user_pass>
	</user>
</users>

/* Row container for the login controls; items wrap onto new rows when space runs out. */
.flex_wrap {
	display: flex;
	flex-direction: row;
	flex-wrap: wrap;
}

/* Outlined input-style control. */
.sel_control {
	margin: 1rem;
	padding: 0.25rem;
	border: 1px solid #000;
	border-radius: 0.25rem;
}

/* Solid black button with white text. */
.btn_control {
	margin: 1rem;
	padding: 0.25rem 0.5rem;
	border: 1px solid #000;
	border-radius: 0.25rem;
	color: #fff;
	background-color: #000;
}

/* Output area for validation errors and the login result. */
#user_message {
	margin: 1rem;
	padding: 0.25rem 0.5rem;
	border: 1px solid #000;
	border-radius: 0.25rem;
	min-height: 5rem;
}

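<!--
  Login controls. The ids are looked up by the page script, so they must not change.
  minlength/maxlength are advisory only: the inputs are not inside a form and the button
  is type="button", so the page script and, above all, the server must do the real checks.
  aria-label names the otherwise unlabelled inputs; the autocomplete tokens let password
  managers fill the right fields.
-->
<div class="flex_wrap">
	<input type="text" id="txtUsername" name="txtUsername" minlength="8" maxlength="20"
		aria-label="Username" autocomplete="username" />
	<input type="password" id="txtPassword" name="txtPassword" minlength="8" maxlength="20"
		aria-label="Password" autocomplete="current-password" />
	<input type="button" id="btnLogin" value="Login" class="btn_control" /><br/>
</div>
<!-- Validation errors and the login result are written here; aria-live announces updates. -->
<div id="user_message" aria-live="polite"></div>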

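// Login form behaviour: validate the two fields, POST them to login_user.php and
// render the JSON reply in #user_message.
window.addEventListener("DOMContentLoaded", () => {
	"use strict";

	const txtUsername = document.getElementById("txtUsername");
	const txtPassword = document.getElementById("txtPassword");
	const btnLogin = document.getElementById("btnLogin");
	const user_message = document.getElementById("user_message");

	// Display text for each access level returned by the server.
	const ROLE_LABELS = {
		0: "Logged in as Administrator",
		1: "Logged in as Manager",
		2: "Logged in as User"
	};

	// Replace the message area with plain-text lines separated by <br>.
	// Text nodes are used instead of innerHTML because the reply echoes the submitted
	// user name; as text it can never be parsed as markup.
	const showLines = (lines) => {
		user_message.textContent = "";
		lines.forEach((line, index) => {
			if (index > 0) {
				user_message.appendChild(document.createElement("br"));
			}
			user_message.appendChild(document.createTextNode(line));
		});
	};

	// Client-side checks are a convenience for the user only; they can be bypassed,
	// so the server must not rely on them. Returns a list of error messages.
	const validate_login = () => {
		const errors = [];
		if (txtUsername.value.trim() === "") {
			errors.push("You must enter a username");
		} else if (txtUsername.value.length < 8) {
			errors.push("Your username must be at least 8 characters long");
		}
		if (txtPassword.value.trim() === "") {
			errors.push("You must enter a password");
		} else if (txtPassword.value.length < 8) {
			errors.push("Your password must be at least 8 characters long");
		}
		return errors;
	};

	// Render the parsed reply: either the server's error or the login summary.
	// (A diagnostic dump that overwrote this message on every reply is not reproduced.)
	const showLoginResult = (result) => {
		if (result.errorString !== "") {
			showLines(["Error: " + result.errorString]);
			return;
		}
		const lines = [String(result.userName)];
		// The login_user.php listing on this page does not return userId, so show it only if present.
		if (result.userId !== undefined) {
			lines.push("User ID: " + result.userId);
		}
		const accessLevel = parseInt(result.accessLevel, 10);
		lines.push(ROLE_LABELS[accessLevel] || "Not logged in");
		showLines(lines);

		// userMenu is markup, so it has to be inserted as HTML. That is only safe while the
		// server builds it from fixed strings; it must never contain user-supplied text.
		if (typeof result.userMenu === "string" && result.userMenu !== "") {
			user_message.appendChild(document.createElement("br"));
			user_message.insertAdjacentHTML("beforeend", result.userMenu);
		}
	};

	btnLogin.addEventListener("click", () => {
		const errors = validate_login();
		if (errors.length > 0) {
			showLines(errors);
			return;
		}

		// Percent-encode both values: an unencoded "&", "+", "%" or "=" in a password
		// would be split or altered by the form decoder and the login would fail.
		// The password travels in the request body, so the page should be served over HTTPS.
		const data = "txtUsername=" + encodeURIComponent(txtUsername.value) +
			"&txtPassword=" + encodeURIComponent(txtPassword.value);

		const xmlhttp = new XMLHttpRequest();
		xmlhttp.onreadystatechange = () => {
			if (xmlhttp.readyState !== 4) {
				return;
			}
			if (xmlhttp.status !== 200) {
				showLines(["Error: login request failed"]);
				return;
			}
			let result;
			try {
				result = JSON.parse(xmlhttp.responseText);
			} catch (parseError) {
				// A non-JSON body (for example a PHP warning page) must not break the handler.
				showLines(["Error: unexpected response from server"]);
				return;
			}
			showLoginResult(result);
		};
		xmlhttp.open("POST", "login_user.php", true);
		xmlhttp.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
		xmlhttp.send(data);
	}, false);
});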

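<?php
/*
 * login_user.php: checks the posted credentials against the XML user file and
 * answers with a JSON object: errorString, userName, userMenu, accessLevel.
 * accessLevel stays -1 and errorString is set whenever the login does not succeed.
 *
 * NOTE(review): nothing here limits repeated attempts; throttling or lockout has to
 * be provided elsewhere.
 */

// Accept only string fields. A missing field, or an array sent as txtPassword[]=x,
// would otherwise raise a notice or a TypeError inside password_verify().
$txtUsername = (isset($_POST['txtUsername']) && is_string($_POST['txtUsername'])) ? $_POST['txtUsername'] : '';
$txtPassword = (isset($_POST['txtPassword']) && is_string($_POST['txtPassword'])) ? $_POST['txtPassword'] : '';

// NOTE(review): a relative path resolves against the working directory. If that
// directory is served by the web server, the file and its password hashes can be
// downloaded directly; store it outside the document root or deny access to it.
$user_file = 'site_users_sx_1.xml';
$menu_str = '';
$error_str = '';
$access_level = -1;

// Menu markup per access level. These are fixed strings: the client inserts userMenu
// as HTML, so nothing user-supplied may ever be added to them.
$menus = [
	0 => '<a href="#" class="btn btn-bs-primary">Admin Page</a>',
	1 => '<a href="#" class="btn btn-bs-primary">Manager Page</a>',
	2 => '<a href="#" class="btn btn-bs-primary">User Page</a>',
];

if (!file_exists($user_file)) {
	$error_str = 'File Does Not Exist';
} else {
	// Collect parser errors internally so a malformed file cannot print warnings
	// into the JSON response.
	libxml_use_internal_errors(true);
	$xml = simplexml_load_file($user_file);

	if ($xml === false) {
		// Reported as JSON (not die()) so the client can still parse the reply.
		$error_str = 'Cannot open XML file';
	} else {
		// Find the entry whose user_name equals the posted name. Cast to string and
		// compare strictly so numeric-looking names are not matched loosely.
		$matched = null;
		if ($txtUsername !== '') {
			foreach ($xml->children() as $user) {
				if ((string)$user->user_name === $txtUsername) {
					$matched = $user;
					break;
				}
			}
		}

		if ($matched === null) {
			// Unknown user: spend one bcrypt computation anyway (cost 10, as in the
			// stored $2y$10$ hashes) so response time does not reveal which names exist.
			password_hash('timing-equaliser', PASSWORD_BCRYPT, ['cost' => 10]);
		} elseif (
			password_verify($txtPassword, (string)$matched->user_pass)
			// Require an explicit numeric access attribute: a missing one would cast
			// to 0, which is the administrator level.
			&& isset($matched['access'])
			&& preg_match('/\A[0-9]+\z/', (string)$matched['access']) === 1
		) {
			// NOTE(review): the status attribute is never consulted. If it is meant to
			// disable accounts, it must be enforced here; confirm its meaning.
			session_start();
			// Issue a fresh session id on login so an id known before authentication
			// cannot be reused afterwards (session fixation).
			session_regenerate_id(true);

			$access_level = (int)$matched['access'];
			$_SESSION['access'] = $access_level;
			$_SESSION['sid'] = (int)$matched['user_id'];
			$_SESSION['user_name'] = $txtUsername;

			$menu_str = isset($menus[$access_level]) ? $menus[$access_level] : '';
		}

		// One message for every failure, so the reply does not say whether the name
		// or the password was wrong.
		if ($access_level === -1) {
			$error_str = 'Login Failed';
		}
	}
}

$output = array(
	'errorString' => $error_str,
	'userName' => $txtUsername,
	'userMenu' => $menu_str,
	'accessLevel' => $access_level,
);
header('Content-Type:application/json');
echo json_encode($output, JSON_FORCE_OBJECT);
?>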