|
|
|
The following is simple password protection scheme.
Create a folder and place the following two files into it, namely "index.php" and "auth.php".
The secret is simply to call the auth.php (require_once) for any document you want to protect in the folder. That way if your script is called, it first loads in the auth.php script and checks the user ID and password. If user ID and password don't match, then the auth script ends prohibiting access to the remaining script. However -- if they do match, then the auth script allows any code thereafter to run. Pretty simple.
So, replace the index.php with whatever you want (keeping the require_once segment) and use the auth.php "as is". Oh, remember to replace the user ID and password to what you want.
To see a working example, please review:
http://www.xn--ovg.com/pw
tedd
index.php
|
<?php
require_once ("auth.php");
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="content-type" content="text/html;charset=ISO-8859-1">
<title>Password by tedd</title>
</head>
<body>
<h1>tedd's password demo</h1>
</body>
</html> | |
auth.php
| <?php
$id = "test"; // user id
$pw = "test"; // password
// Check to see if $PHP_AUTH_USER already contains info
if (!isset($_SERVER['PHP_AUTH_USER']))
{
// If empty, send header causing dialog box to appear
header('WWW-Authenticate: Basic realm="My Private Stuff"');
header('HTTP/1.0 401 Unauthorized');
exit;
}
else if (isset($_SERVER['PHP_AUTH_USER']))
{
if (($_SERVER['PHP_AUTH_USER'] != $id) || ($_SERVER['PHP_AUTH_PW'] != $pw))
{
header('WWW-Authenticate: Basic realm="My Private Stuff"');
header('HTTP/1.0 401 Unauthorized');
exit;
}
else
{
// do nothing, everything is OK -- all programs that call this will pass here
}
}
?> | |
|
|
| Form Security - Match A Value For Success
Categories : PHP, Authentication, HTML and PHP, Sessions, Security | | | Authenticator for Exchange Server LDAP
Categories : PHP, Authentication, LDAP, Security, Sessions | | | A damaged image generator (class) for validating text.
CAPTCHA - Completely Automated Public Turing test to tell Computers and Humans Apart
Categories : PHP, PHP Classes, Security, GD image library, Security | | | Use of bitmasks to represent permissions
Categories : PHP, Authentication, Bitwise Operators, Security, PHP Classes | | | phpSecurePages is a PHP module to secures pages with a loginname and
password. It handles multiple user groups (each has own viewing rights),
store data in a MySQL database or a configuration file, and can be used to
identify Web site viewers.
Categories : PHP, Security, Authentication | | | redirect redirection ip address authentication authenticate addr
Categories : Authentication, HTTP, Network, PHP | | | MD5 secured login
Categories : PHP, Java Script, Authentication, Security | | | A simple PHP login script that you can modify to suite your needs. It use a session to store data in a session file submited by the page.
Categories : PHP, Sessions, Security, Authentication | | | HTTP Basic Authentication via POP3.
Categories : Authentication, HTTP, Email, PHP | | | PHP Function to Encrypt/Decrypt a string without a known key. The string itself has his own different key for every character.
Categories : PHP, Algorithms, Security, Authentication, Encryption | | | Authentication HTTP protocol POST
Categories : Authentication, HTTP, PHP | | | Password using php, Javascript, and html form
Categories : Security, PHP, Authentication, Java Script | | | Password protection for Phorum 3.1.x with userlevels and log.
Categories : PHP, MySQL, Authentication, Security | | | IP Blocking
Categories : PHP, Security, HTTP | | | PHP4 AND MySQL Authentication
Categories : PHP, MySQL, Authentication, Databases | |
|
|
