$pass_entered = md5($_POST['password']);
$file = "filename.php";
$text = file($file) or die("unable to read file");
$fh = fopen($file, 'r') or die("unable to open file");
foreach($text as $line)
list($name, $pass) = explode(',', $line);
if ($pass_entered == $pass)
$_SESSION['section'] = $name;
There is something wrong there. You are using the password to check for the username. This assumes no two users will ever pick the same password. By the way why are you using the file system instead of a DB for this?
Also you have an unnecessary fopen() and fclose() in there.
i see now that i didn't need to open the file if i read it into an array, duh!
i am using a file system because that is the requirement by my teacher. we have to make a small independent cms(sort of).
the purpose of the password protection is so that all users can access only one directory. i have 3 directories (Section_1, 2, and 3). The way I can tell which directory to send the user is by the password they enter. there is no username. what would be the username is actually the name of the directory that the password is associated with. so when the pass matches, i read the name and that is the directory i send them to.
i thought this was the easiest way to direct a user to a directory depending on the password given. do you have a suggestion of an easier way - the less code the better if you ask me! i love learning php - it's awesome!
anyways - thanks to you both for helping, that pesky "\n" was a real pain in my arse.
Answers to all your questions can be found at: PHP Manual