I am trying to create a simple PHP form where the user must enter one of six predetermined passwords, these will be TSS01, TSS02, TSS03, TSS04, TSS05 and TSS06.
The form currently functions properly when using only numeric passwords.
PHP coding follows:
<?php
if(empty($_POST['name']) || empty($_POST['code'])) {
die(print "<meta http-equiv=\"refresh\" content=\"0;URL=error.html\">");
}
$name=$_POST['name'];
$code=$_POST['code'];
$to='[email protected]';
$headers = 'From: '.$name."\r\n" .
'Reply-To: '.$name."\r\n" .
'X-Mailer: PHP/' . phpversion();
$subject = 'SECRET SUPPER FORM ENTRY';
$body='Entry References'."\n\n";
$body.='Name: '.$name."\n";
$body.='Code: '.$code."\n";
if( !empty( $_POST['code'] ) && $_POST['code'] == TSS01) {
$submit = mail($to, $subject, $body, $headers, "From: <$name>");
print "<meta http-equiv=\"refresh\" content=\"0;URL=success.html\">";
} else {
print "<meta http-equiv=\"refresh\" content=\"0;URL=error.html\">";
}
?>
How can this form be verified by any six of these passwords? The passwords are already set and cannot be changed, they must be those exactly.
You can do something like:
$passwords = array('TSS01', 'TSS02', 'TSS03', 'TSS04', 'TSS05', 'TSS06');
// !empty( $_POST['code'] ) - you dont need to check again if is empty, you already do it on the firsts lines
if( in_array($_POST['code'], $passwords)) {
// Passwords is ok
}