How to add usernames to this code?

Question

I'm a complete newb in PHP, and the only reason I got this far was because I was trying to guess what everything does. I guess I was lucky that it worked this far.

So basically, I'm using the PHP Wake On LAN code that I found here to make a simple page that I log into, to remotely turn on my computer. I decided to add a username, rather than just a password, so maybe I could have multiple users. I've done everything successfully so far except one thing. When I log in, check my computer, and hit "Wake all selected", it logs me out immediately and doesn't send the magic packet. Any tips on what I could change to fix this? As soon as I remove the 'and' and the username bit in the if statement that checks for both user and pass to be correct, it works. But then there's no user and pass verifying going on. The if statement I'm talking about is the second if under the === Test for password protection === part.

You can demo the code on my site to see the issue in action here: http://trivisionzero.com/wol/ Just use 'user', 'pass'. (to recreate it, select any computer and press wake button)

Full code so far:








 "Shane-EPC", "MAC" => "changed for security", "IP" => "changed for security", "WakeIP" =>
"changed for security");
$config_network_data_array[] = array("name" => "Demo", "MAC" => "changed for security", "IP" => "changed for security", "WakeIP" =>
"changed for security");
$config_network_data_array[] = array("name" => "Demo", "MAC" => "changed for security", "IP" => "changed for security", "WakeIP" =>
"changed for security");

// Port number where the computer is listening. Usually, any number between 1-50000 will do. Normally people choose 7 or 9.
$socket_number = "7";

$my_password = 'pass';
$my_username = 'user';

$html_title = 'TrivisionZero PC Waker';

$config_table_columns = array('name', 'IP', 'MAC', 'links');

# The following function is copied (with some edits, to suppress output and return TRUE or an error message) from:
# http://www.hackernotcracker.com/2006-04/wol-wake-on-lan-tutorial-with-bonus-php-script.html

# Wake on LAN - (c) HotKey@spr.at, upgraded by Murzik
# Modified by Allan Barizo http://www.hackernotcracker.com

flush();

function WakeOnLan($addr, $mac,$socket_number) {

   $separator = ':';
   if (strstr ( $mac, '-' ) ) {
      $separator = '-';
   }
   $addr_byte = explode($separator, $mac);

   $hw_addr = '';
   for ($a=0; $a <6; $a++) $hw_addr .= chr(hexdec($addr_byte[$a]));
   $msg = chr(255).chr(255).chr(255).chr(255).chr(255).chr(255);
   for ($a = 1; $a <= 16; $a++) $msg .= $hw_addr;
   // send it to the broadcast address using UDP
   // SQL_BROADCAST option isn't help!!
   $s = socket_create(AF_INET, SOCK_DGRAM, SOL_UDP);
   if ($s == false) {
//      echo "Error creating socket!
";
//      echo "Error code is '".socket_last_error($s)."' - " . socket_strerror(socket_last_error($s));
      return "Error creating socket!
Error code is '".socket_last_error($s)."' - " . socket_strerror(socket_last_erro
($s));
//      return FALSE;
      }
   else {
      // setting a broadcast option to socket:
      $opt_ret = socket_set_option($s, 1, 6, TRUE);
      if($opt_ret <0) {
//         echo "setsockopt() failed, error: " . strerror($opt_ret) . "
";
         return "setsockopt() failed, error: " . strerror($opt_ret) . "
";
//         return FALSE;
         }
      if(socket_sendto($s, $msg, strlen($msg), 0, $addr, $socket_number)) {
//         echo "Magic Packet sent successfully!";
         socket_close($s);
         return TRUE;
         }
      else {
//         echo "Magic packet failed!";
         return "Magic packet failed!";
//         return FALSE;
         }
      }
   }

/* ============================== some predefined texts ====================================== */

$display_sent = 'Magic Packet sent successfully!';
$button_text = 'Wake!';
$button_text2 = 'Wake all selected';

//this is where I added my username part
$username_element = "Username: ";
$password_element = "
Password: ";


$table_html = "
";
$logout_html = '';

/* ========================= Test for password protection ==================================== */
$wake_MAC_array = array();

if (!isset ($_POST['logout'])) {
   $input_password = $_POST['password'];
   $input_username = $_POST['username'];

}
//($my_password === '') is if you want no password
if (($input_password === $my_password) and ($input_username === $my_username)) {
   $logged_in = TRUE;
   $hidden_login = "";
   if ($my_password !== '') {
      $logout_html = "

";
   }
   if ( (isset ($_POST['tickbox'])) and (is_array($_POST['tickbox']) ) ) {
      $checkbox_array = $_POST['tickbox'];
      foreach ($checkbox_array as $mac_address => $tickbox_setting) {
         $wake_MAC_array[$mac_address] = $tickbox_setting;
      }

   }

} else {
   $logged_in = FALSE;
   $hidden_login = '';
   $table_html_user = $username_element;
   $table_html = $password_element;
}

/* ================================ LOGGED-IN users only ===================================== */
/* ======================= construct table for listing of devices ============================ */

if ($logged_in == TRUE) {
   $table_row = "
";
   foreach ($config_table_columns as $key => $column_heading) {
      $table_row .= '';
   }
   $table_row .= '';
   $table_row .= '';
   $table_html .= $table_row . "
";
   foreach ($config_network_data_array as $device_key => $device_values) {
      $table_row = "
";
      $mac = $device_values['MAC'];
      $device_name = $device_values['name'];
      $status_cell = '';
      foreach ($config_table_columns as $key => $column_heading) {
         if (isset ( $device_values[$column_heading])) {
            $value = $device_values[$column_heading];
            if ($column_heading == 'MAC') {
/* special coding for MAC address column; prepare clickable button */
               $this_MAC = $value;
               $value = "";

               if (( $_POST['wake_MAC'] === $this_MAC ) or (array_key_exists ($this_MAC,
$wake_MAC_array))) {
                  $status = WakeOnLan ($device_values['WakeIP'], $this_MAC, $socket_number) ;
                  if ( $status === TRUE ) {
                     $status = $display_sent;
                  }
                  $status_cell = "";
               }
            }
         } elseif ($column_heading == 'links') {
/* special coding for links column; prepare clickable links from $config_network_links_array */
            $value = '';
            if (isset ( $config_network_links_array[$device_name])) {
               foreach ($config_network_links_array[$device_name] as $link_title => $link_URL) {
                  if ( $value !== '') {
                     $value .= '
';
                  }
                  $value .= '' . $link_title . '';
               }
            }
         } else {
            $value = '';
         }
      if ($value === '') {
         $value = ' ';
      }
      $table_row .= '';
      }
/* now add a checkbox to wake up this device */
      $table_row .= '';
/* now add the status message (if applicable) for the attempt to send a packet to this device */
      $table_row .= $status_cell;
      $table_html .= $table_row . "
";
   }
   $table_html .= "' . $column_heading . ' Wake Up! status
  $status ' . $value . ' ' . "" . '
";
   $table_html .= "
";
}
/* =========================================================================================== */
/* ======================= Now output the html that we've built ============================== */

echo $html_title;

echo "
";
echo '';
echo $table_html_user;
echo $table_html;
echo $hidden_login;
echo $logout_html;
echo "
";

?>

Dezza · Accepted Answer

When you are logged in and then submit the form to wake a machine, you are passing the password in a hidden field, but not the username.

As you are not passing the username, $input_username = null and thus the check if (($input_password === $my_password) and ($input_username === $my_username)) becomes if (('pass' === 'pass') and (null === 'user')) which is false and this is why you get logged out.

How to add usernames to this code?

Answers (1)

Related Questions