Need help with PHP flat file login system.

I am trying to create a flat file login system, when I log in to the system via the username and password I set in my .txt flat file, I recieve an error message that reads:

"Warning: file(/LoginTest/userlist.txt) [function.file]: failed to open stream: No such file or directory in /home2/shb8_008/ on line 12
Could not open file /LoginTest/userlist.txt"

The code for the validate file around line 12 is:


function checkLogin($user,$pass)
      global $file;      
      $users=file($file) or die("Could not open file <b>$file</b>");
      foreach($users as $userInfo)
            if ( trim(substr($userInfo,33))==$user && substr($userInfo,0,32)==$pass )
                  return 1;
      return 0;

I am new to PHP and would appreciate any help you guys gave provide.  Thanks a lot.  


Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Roger BaklundCommented:
The value of $file is wrong. Where is this file located? In the same directory as your script? Then use just $file="userlist.txt". This file should probably be in a directory where it is not readable by web users... Then you should use the full path to the file, i.e. $file = "/home2/shb8_008/" or a relative path: $file = "../../protected/userlist.txt"

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Roger BaklundCommented:
You should also protect the passwords using MD5 or similar crypto hash.

if ( trim(substr($userInfo,33))==$user && substr($userInfo,0,32)==md5($pass) )
                  return 1;

Use the same function when you write the passwords to the userlist.txt file.

md5() will create strings like this: 008c5926ca861023c1d2a36653fd88e2
These strings are hard to decrypt, as md5 is a one-way function.
Your script is correct.
Just look in config.php

$file = "/LoginTest/userlist.txt";

$file = "LoginTest/userlist.txt";

Make sure that the folder "Login Test" contains the file userlist.txt, otherwise you need to create it and add some users into it.

Hope this helps.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.