[Saldash]

Hi,

I'm currently building a vb.net/php user login system, and so far it works ok,
but I can only check the details of one user using only basic if's and else's.

Is there a way I can hardcode more user/password combinations so that the vb.net application
can be used by more than one user?

So far, I only know how to do this;

<?php
$username = "testuser1";
$pass = "user1pass";

If (!empty($_POST)) {
	If ( $username == $_POST['usr']) {
		If ( $pass == $_POST['pas']) {
			Echo "auth_yes";
		} Else {
			Echo "auth_no";
		}
	} Else {
		Echo "auth_no";
	}
} Else {
	Echo "Hacking Attempt!";
}
?>

The vb.net app submits username and password info using POST, then reads the response echo'd by the script.

I know it's not secure, but it's the only way I know how to do it.

Anyone know how I can add multiple users or make it a bit more secure?

[no2pencil]

Saldash, on 17 April 2011 - 09:10 PM, said:

Is there a way I can hardcode more user/password combinations so that the vb.net application
can be used by more than one user?

I would setup a database containing all of the needed information of the user. Read the values into PHP via a GET or POST array, pull the values of that user from the database & compare! Don't forget to either hash or encrypt the password, never send it over plain text.

Check this Tutorial

[Saldash]

Thanks for the reply,

I had been thinking about using a database, I would need to query the database for the username submitted, if it exists pull all the info for that user and compare the submitted password against that stored?

I'm not sure I know how to encrypt the POST data from my vb.net app in a way that the php file can read too.

The link you posted is too advanced for me, I only need the php to give me a ye' or ne'
response on the given credentials, though I may bring groups in alot later.