[thelist] PHP help needed
Phil Turmel
philip at turmel.org
Mon Nov 28 21:10:29 CST 2005
Flavia Tarzwell (FayeC) wrote:
> I have a simple login (no need for secure login - as instructed by the
> site's owner - she *requested* that the login uses only a username, no
> password), the login is not validated against a db or anything....it's
> basically only a way to sort through image files and display only the
> associated files.
[snip /]
> *And yes, I did explain to the client about the security issues of not
> having a password and not validating the password/username but she
> explained it was not a matter of safety as the images were for public
> display anyways. The images are screenshots taken during ultrasound
> exams and they are posted online for the extended family to view so the
> only concern is really selecting the right images for the right
> costumer/user.
FayeC,
Two separate problems:
1) Login and session handling (so the login is remembered), and
2) Image filename generation.
Barebones logic (and untested):
============================================================
<?php
session_name("FayeC");
session_start(); // Presumes use of a session cookie
if (isset($_POST['username']))
$_SESSION['username'] = $_POST['username'];
$user = $_SESSION['username'];
if (!strlen($user))
{
// send "not logged in" page to browser
exit;
}
?>{..........DOCTYPE, HEAD, NAV, DIVs...........}
<ul id="images">
<?php
$galleryfolder = ".....";
$realfolder = $_SERVER['DOCUMENT_ROOT'] . '/' . $galleryfolder;
for ($i=1; $i<=4; $i++)
{
$realfile = sprintf("%s/%s_%u.jpg", $realfolder, $user, $i);
if (file_exists($realfile))
printf(" <li><img src=\"/%s/%s_%u.jpg\"></li>\n",
urlencode($galleryfolder),
urlencode($user),
$i);
}
?></ul>
{.............../DIVs, /BODY...................}
The session functions need to send headers, so it is vital that the
<?php tag be the first characters on the first line.
Hope this gets you started.
Phil
More information about the thelist
mailing list