Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

HTML

Posted by Stephen Omoarukhe
Stephen Omoarukhe
15,307 Points

How do you capture data from a login form and authenticate a registered user

I want to capture data and authenticate a user that fills a login form

Nikolay Batrakov
Nikolay Batrakov
9,604 Points

You need a database to remember users, so you need one of back-end programming languages to handle authentication requests. Ruby-on-Rails, PHP or Pithon

1 Answer

Chris Jones
Chris Jones
9,419 Points
Chris Jones
Chris Jones
9,419 Points

EDIT: Assuming PHP as a scripting language

What will you be using to do your authentication, Database, Flat file, or a hardcoded value?

Whichever you use, you'll want to do a comparison from what was entered by the user to the value stored, psuedo-code:

<?php

// From the form
$username = $_POST['username'];
$password = $_POST['password'];

// hardcoded values

$hardcodedPassword = "password";
$hardcodedUsername = "whosthedaddy";

if($username === $hardcodedUsername && $password === $hardcodedPassword) {
// Do stuff here
} else {
echo "Username/Password combo not recognised";
}

If you want this to be logged in over several pages, then you would want to register a state with session, something like 

if($username === $hardcodedUsername && $password === $hardcodedPassword) {
$_SESSION['loggedIn'] = true;
$_SESSION['username'] = $username;
}

and then for logout.php

session_destroy();
session_regenerate_id()

NB

I wouldn't recommend hardcoding details, and if using a database its recommended to use password hashing/salts to protect your users.

Hope that helps to start with