0

I am new to php and working on a hangman game. I have a home.php that takes you to the homepage and their is a login form that the user must submit a username and a password. If the username and password match with the one I have set, it will redirect to hangman.php. I want some advice if the way I have written the script is correct or not. Also, I am getting a 500 error after the user logs in. I don't know why. I will paste the code down below.

Update: I have added the code for hangman.php

home.php

<?php

    // starting a new session
    session_start();

    if(isset($_POST['uname'], $_POST['psw'])){

        $uname= "my_admin";
        $psw = "password";

        if($_POST['uname'] == $uname && $_POST['psw'] == $psw) {

            $_SESSION["uname"] = "my_admin";
            $_SESSION["psw"] = "password";

            # array holds errors
            $errors = array();

        # validation starts here
        if(empty($_POST['uname'])){
            $errors['uname1'] = "Your name cannot be empty";
        }

            # check strlength
        if(strlen($_POST['uname']) < 6){
            $errors['uname2'] = "Must be longer than 6 characters";
        }

            # check username
        if ($_POST['uname'] !== "my_admin"){
            $errors['uname3'] = "You are not the admin";

        }

        if($_POST['uname'] == "my_admin" &&  $_POST['psw'] == "password"){
            header('Location:hangman.php');
            exit();
        }else{
            $errors['uname4'] = "Please try again";
        }


        if(empty($_POST['psw'])){
            $errors['psw1'] = "Your password cannot be empty";
        }

        if(strlen($_POST['psw']) < 6){
            $errors['psw2'] = "Must be longer than 6 characters";
        }

        if($_POST['psw'] !== "password"){
            $errors['ps3'] = "AH AH AH thats not it";
        }else{
            header('Location:hangman.php');
            exit();
        }


        if(count($errors) == 0){
            # redirect to the game page
            header('Location:hangman.php');
            exit();
        }
    }
}


    ?>

form for my script to run against

<div class="container">
</p>

<label for="uname"><b>Username</b></label>
<input type="text" placeholder="Enter Username" name="uname">
<p>
<?php if(isset($errors['uname1']))
        echo $errors['uname1'];  ?>
</p>
<p>
<?php if(isset($errors['uname2']))
        echo $errors['uname2'];  ?>
</p>
<p>
<?php if(isset($errors['uname3']))
        echo $errors['uname3'];  ?>
</p>
<p>
<?php if(isset($errors['uname4']))
    echo $errors['uname4'];  ?>
</p>




<label for="psw"><b>Password</b></label>
<input type="password" placeholder="Enter Password" name="psw">
<p>
<?php if(isset($errors['psw1'])) echo $errors['psw1'];  ?>
</p>
<p>
<?php if(isset($errors['psw2'])) echo $errors['psw2'];  ?>
</p>
<?php if(isset($errors['psw3'])) echo $errors['psw3'];  ?>
</p>

<button name="check" type="submit" value="submit">Login</button>
</div>
</form>

hangman.php

<?php
    require_once 'hangedman.php';
    $words = array('VIETNAM', 'PEOPLE', 'PYTHON');
    $numwords = 0;
    function printPage($image, $guesstemplate, $which, $guessed, $wrong) {
        echo <<<ENDPAGE
        <!DOCTYPE html>
        <html>
        <head>
        <title>Hangman</title>
        <link rel="stylesheet" type="text/css" href="home.css">
        </head>
        </html>
        <body>

        <h1 style='color: red'>Hangman Game</h1>
        <br />
        <pre style='color: red'>$image</pre>
        <br />
        <p style='color:red'><strong>Word to guess: $guesstemplate</strong></p>
        <p style='color:red'>Letters used in guesses so far: $guessed</p>
        <form method="post" action="$script">
        <input type="hidden" name="wrong" value="$wrong" />
        <input type="hidden" name="lettersguessed" value="$guessed" />
        <input type="hidden" name="word" value="$which" />
        <fieldset>
        <legend style='color: red'>Your next guess</legend>
        <input type="text" name="letter" autofocus />
        <input type="submit" value="Guess" />
        </fieldset>
        </form>
        </body>
        ENDPAGE;
    }
    function loadWords() {
        global $words;
        global $numwords;
        $input = fopen("./words.txt", "r");
        while (true) {
            $str = fgets($input);
            if (!$str) break;
            $words[] = rtrim($str);
            $numwords++;
        }
        fclose($input);
    }
    function startGame() {
        global $words;
        global $numwords;
        global $hang;
        $which = rand(0, $numwords - 1);
        $word =  $words[$which];
        $len = strlen($word);
        $guesstemplate = str_repeat('_ ', $len);
        $script = $_SERVER["PHP_SELF"];
        printPage($hang[0], $guesstemplate, $which, "", 0);
    }
    function killPlayer($word) {
        echo <<<ENDPAGE
        <!DOCTYPE html>
        <html>
        <head>
        <title>Hangman</title>
        </head>
        <body>
        <h1>You lost!</h1>
        <p>The word you were trying to guess was <em>$word</em>.</p>
        </body>
        </html>
        ENDPAGE;
    }
    function congratulateWinner($word) {
        echo <<<ENDPAGE
        <!DOCTYPE html>
        <html>
        <head>
        <title>Hangman</title>
        </head>
        <body>
        <h1>You win!</h1>
        <p>Congratulations! You guessed that the word was <em>$word</em>.</p>
        </body>
        </html>
        ENDPAGE;
    }
    function matchLetters($word, $guessedLetters) {
        $len = strlen($word);
        $guesstemplate = str_repeat("_ ", $len);
        for ($i = 0; $i < $len; $i++) {
            $ch = $word[$i];
            if (strstr($guessedLetters, $ch)) {
                $pos = 2 * $i;
                $guesstemplate[$pos] = $ch;
            }
        }
        return $guesstemplate;
    }
    function handleGuess() {
        global $words;
        global $hang;
        $which = $_POST["word"];
        $word  = $words[$which];
        $wrong = $_POST["wrong"];
        $lettersguessed = $_POST["lettersguessed"];
        $guess = $_POST["letter"];
        $letter = strtoupper($guess[0]);
        if(!strstr($word, $letter)) {
            $wrong++;
        }
        $lettersguessed = $lettersguessed . $letter;
        $guesstemplate = matchLetters($word, $lettersguessed);
        if (!strstr($guesstemplate, "_")) {
            congratulateWinner($word);
        } else if ($wrong >= 6) {
            killPlayer($word);
        } else {
            printPage($hang[$wrong], $guesstemplate, $which, $lettersguessed, $wrong);
        }
    }
    //header("Content-type: text/plain");
    loadWords();
    $method = $_SERVER["REQUEST_METHOD"];
    if ($method == "POST") {
        handleGuess();
    } else {
        startGame();
    }
    ?>
CodeMonkey
  • 403
  • 4
  • 15
  • 2
    500 status code == check your error logs – Patrick Q Oct 19 '18 at 15:49
  • ^ or check the answer on here: https://stackoverflow.com/questions/1053424/how-do-i-get-php-errors-to-display and print them to screen – Dammeul Oct 19 '18 at 15:50
  • Also, check out and use http://php.net/manual/en/function.password-hash.php to hash the password when you save it to a database. – Dammeul Oct 19 '18 at 15:51
  • Then use http://php.net/manual/en/function.password-verify.php to check that it is correct when logging the user in. – Dammeul Oct 19 '18 at 15:51
  • I am not using a database. I just want to use sessions() to check if the usernam and password is the one I have specified. – CodeMonkey Oct 19 '18 at 15:52
  • Here I am presuming you have users register an account which stores the password somewhere for them to log in again... though obvious at the moment, you just want the password to be 'password'... moving forward you definitely need to look into hashing etc. – Dammeul Oct 19 '18 at 15:52
  • Definitely check errors, and work out which statement you are getting to will help your debugging – Dammeul Oct 19 '18 at 15:53
  • I have pasted this in my code to check errors display_errors = on; but it doesn't even pull the page up. I am getting 500 on this page also. – CodeMonkey Oct 19 '18 at 15:54
  • Are you able to look in your actual error log anywhere... somewhere in your webserver setup – Dammeul Oct 19 '18 at 15:55
  • Whats in hangman.php? If you get there... the error is in there. – Dammeul Oct 19 '18 at 15:57
  • I am getting the error failed to read session data – CodeMonkey Oct 19 '18 at 16:01
  • Please paste the full error message in your question and point out the related line(s) of code. – Patrick Q Oct 19 '18 at 16:03
  • I have added the `hangman.php` script also – CodeMonkey Oct 19 '18 at 16:04

0 Answers0