Closed Thread Icon

Topic awaiting preservation: password protecting a website ? (Page 1 of 1) Pages that link to <a href="http://ozoneasylum.com/backlink?for=11999" title="Pages that link to Topic awaiting preservation: password protecting a website ? (Page 1 of 1)" rel="nofollow" >Topic awaiting preservation: password protecting a website ? <span class="small">(Page 1 of 1)</span>\

 
axleclarkeuk
Paranoid (IV) Inmate

From: Swansea, Wales, UK
Insane since: Aug 2001

posted posted 01-16-2002 11:09

Whats the easiest way to password protect a folder in a website ? I did have a link to a site that allowed me to configure my .htaccess file online and it then updated it for me, but i have since lost it and am looking ofr an easy way to achieve this ?

Any ideas folks ?

Thanks

GRUMBLE
Paranoid (IV) Mad Scientist

From: Omicron Persei 8
Insane since: Oct 2000

posted posted 01-16-2002 12:03

you could write yourself a script:

code:
$password='mypassword';
@session_register ("loggedon");
if ($loggedon!=1) {
if ($pwd!=$password) {
$loggedon=1;
echo"<form>
Passwort: <input type=password name=pwd><br>
<input type=submit name=pwdsubmit>
</form>";
exit();}
}
rest of code here...





[This message has been edited by GRUMBLE (edited 01-16-2002).]

jiblet
Paranoid (IV) Inmate

From: Minneapolis, MN, USA
Insane since: May 2000

posted posted 01-16-2002 21:33

Don't do that, anyone can get in by going to http://www.url.com/filename.php?loggedon=1.

If your server allows you to configure your directories with an .htaccess file then that is the method you should use. Simply put this in your .htaccess:

AuthUserFile full/path/to/the/directory/.htpasswd
AuthGroupFile /dev/null
AuthName name_to_be_displayed_in_login_window
AuthType Basic

<Limit GET POST>
require valid-user
</limit>

Then when your in the directory listed above, type:

htpasswd .htpasswd username

and enter a password. Repeat to create more user accounts.

-jiblet

GRUMBLE
Paranoid (IV) Mad Scientist

From: Omicron Persei 8
Insane since: Oct 2000

posted posted 01-16-2002 21:40

oh, really? oooops.

ok, forget my post.

sonic_tsunami
Bipolar (III) Inmate

From: some evil place, the evil little atoll
Insane since: Jan 2002

posted posted 02-01-2002 04:13

look for a script called ace password.

Pugzly
Paranoid (IV) Inmate

From: 127.0.0.1
Insane since: Apr 2000

posted posted 02-01-2002 04:18

http://www.gurusnetwork.com/tutorials/misc/htaccess.html

laggor
Obsessive-Compulsive (I) Inmate

From: ..san diego..ca..usa..
Insane since: Feb 2002

posted posted 02-03-2002 20:32

ack.. i had something different here..
i need to read the question better next time.. =]

[This message has been edited by laggor (edited 02-03-2002).]

lallous
Paranoid (IV) Inmate

From: Lebanon
Insane since: May 2001

posted posted 02-04-2002 14:54

jiblet,

code:
Don't do that, anyone can get in by going to [url=http://www.url.com/filename.php?loggedon=1.]http://www.url.com/filename.php?loggedon=1.[/url]



grumble,

code:
if ($loggedon!=1) {
if ($pwd!=$password) {
$loggedon=1;



instead of using the 'if $loggedon' , use instead: if (session_is_registered('loggedon') && $loggedon)) { // show logged page here }

air_phear
Nervous Wreck (II) Inmate

From: sweden
Insane since: Jul 2001

posted posted 02-17-2002 12:47

or..

if youre have a login page,
with a :

<form action="protected.php" method=post>
<input type=password name=password>
<input type=submit value=Login>
</form>

...
(protected.php) :
<?
if ($password=="whatever_words")
{
?>
<html> ...

...</html>
<?
}
else
{
echo "$password is not a valid password";
}
?>

::
is'nt this pretty easy, but maybe its no good ? :]


over here----------------------------------------------------------->

« BackwardsOnwards »

Show Forum Drop Down Menu