Topic awaiting preservation: password protecting a website ? $Pages that link to <a href="https://ozoneasylum.com/backlink?for=11999" title="Pages that link to Topic awaiting preservation: password protecting a website ?" rel="nofollow" >Topic awaiting preservation: password protecting a website ?\$

Author	Thread
axleclarkeuk Paranoid (IV) Inmate From: Swansea, Wales, UK Insane since: Aug 2001	posted 01-16-2002 11:09 Whats the easiest way to password protect a folder in a website ? I did have a link to a site that allowed me to configure my .htaccess file online and it then updated it for me, but i have since lost it and am looking ofr an easy way to achieve this ? Any ideas folks ? Thanks
GRUMBLE Paranoid (IV) Mad Scientist From: Omicron Persei 8 Insane since: Oct 2000	posted 01-16-2002 12:03 you could write yourself a script: code: $password='mypassword'; @session_register ("loggedon"); if ($loggedon!=1) { if ($pwd!=$password) { $loggedon=1; echo"<form> Passwort: <input type=password name=pwd><br> <input type=submit name=pwdsubmit> </form>"; exit();} } rest of code here... [This message has been edited by GRUMBLE (edited 01-16-2002).]
jiblet Paranoid (IV) Inmate From: Minneapolis, MN, USA Insane since: May 2000	posted 01-16-2002 21:33 Don't do that, anyone can get in by going to http://www.url.com/filename.php?loggedon=1. If your server allows you to configure your directories with an .htaccess file then that is the method you should use. Simply put this in your .htaccess: AuthUserFile full/path/to/the/directory/.htpasswd AuthGroupFile /dev/null AuthName name_to_be_displayed_in_login_window AuthType Basic <Limit GET POST> require valid-user </limit> Then when your in the directory listed above, type: htpasswd .htpasswd username and enter a password. Repeat to create more user accounts. -jiblet
GRUMBLE Paranoid (IV) Mad Scientist From: Omicron Persei 8 Insane since: Oct 2000	posted 01-16-2002 21:40 oh, really? oooops. ok, forget my post.
sonic_tsunami Bipolar (III) Inmate From: some evil place, the evil little atoll Insane since: Jan 2002	posted 02-01-2002 04:13 look for a script called ace password.
Pugzly Paranoid (IV) Inmate From: 127.0.0.1 Insane since: Apr 2000	posted 02-01-2002 04:18 http://www.gurusnetwork.com/tutorials/misc/htaccess.html
laggor Obsessive-Compulsive (I) Inmate From: ..san diego..ca..usa.. Insane since: Feb 2002	posted 02-03-2002 20:32 ack.. i had something different here.. i need to read the question better next time.. =] [This message has been edited by laggor (edited 02-03-2002).]
lallous Paranoid (IV) Inmate From: Lebanon Insane since: May 2001	posted 02-04-2002 14:54 jiblet, code: Don't do that, anyone can get in by going to [url=http://www.url.com/filename.php?loggedon=1.]http://www.url.com/filename.php?loggedon=1.[/url] grumble, code: if ($loggedon!=1) { if ($pwd!=$password) { $loggedon=1; instead of using the 'if $loggedon' , use instead: if (session_is_registered('loggedon') && $loggedon)) { // show logged page here }
air_phear Nervous Wreck (II) Inmate From: sweden Insane since: Jul 2001	posted 02-17-2002 12:47 or.. if youre have a login page, with a : <form action="protected.php" method=post> <input type=password name=password> <input type=submit value=Login> </form> ... (protected.php) : <? if ($password=="whatever_words") { ?> <html> ... ...</html> <? } else { echo "$password is not a valid password"; } ?> :: is'nt this pretty easy, but maybe its no good ? :] over here----------------------------------------------------------->

Topic awaiting preservation: password protecting a website ?\$

Author

Thread

axleclarkeuk
Paranoid (IV) Inmate

From: Swansea, Wales, UK
Insane since: Aug 2001

posted 01-16-2002 11:09

Whats the easiest way to password protect a folder in a website ? I did have a link to a site that allowed me to configure my .htaccess file online and it then updated it for me, but i have since lost it and am looking ofr an easy way to achieve this ?

Any ideas folks ?

Thanks

GRUMBLE
Paranoid (IV) Mad Scientist

From: Omicron Persei 8
Insane since: Oct 2000

posted 01-16-2002 12:03

you could write yourself a script:

code:

$password='mypassword';

@session_register ("loggedon");

if ($loggedon!=1) {

  if ($pwd!=$password) {

    $loggedon=1;

    echo"<form>

    Passwort: <input type=password name=pwd><br>

    <input type=submit name=pwdsubmit>

    </form>";

    exit();}

}

rest of code here...

[This message has been edited by GRUMBLE (edited 01-16-2002).]

jiblet
Paranoid (IV) Inmate

From: Minneapolis, MN, USA
Insane since: May 2000

posted 01-16-2002 21:33

Don't do that, anyone can get in by going to http://www.url.com/filename.php?loggedon=1.

If your server allows you to configure your directories with an .htaccess file then that is the method you should use. Simply put this in your .htaccess:

AuthUserFile full/path/to/the/directory/.htpasswd
AuthGroupFile /dev/null
AuthName name_to_be_displayed_in_login_window
AuthType Basic

<Limit GET POST>
require valid-user
</limit>

Then when your in the directory listed above, type:

htpasswd .htpasswd username

and enter a password. Repeat to create more user accounts.

-jiblet

GRUMBLE
Paranoid (IV) Mad Scientist

From: Omicron Persei 8
Insane since: Oct 2000

posted 01-16-2002 21:40

oh, really? oooops.

ok, forget my post.

sonic_tsunami
Bipolar (III) Inmate

From: some evil place, the evil little atoll
Insane since: Jan 2002

posted 02-01-2002 04:13

look for a script called ace password.

Pugzly
Paranoid (IV) Inmate

From: 127.0.0.1
Insane since: Apr 2000

posted 02-01-2002 04:18

http://www.gurusnetwork.com/tutorials/misc/htaccess.html

laggor
Obsessive-Compulsive (I) Inmate

From: ..san diego..ca..usa..
Insane since: Feb 2002

posted 02-03-2002 20:32

ack.. i had something different here..
i need to read the question better next time.. =]

[This message has been edited by laggor (edited 02-03-2002).]

lallous
Paranoid (IV) Inmate

From: Lebanon
Insane since: May 2001

posted 02-04-2002 14:54

jiblet,

code:

Don't do that, anyone can get in by going to [url=http://www.url.com/filename.php?loggedon=1.]http://www.url.com/filename.php?loggedon=1.[/url]

grumble,

code:

if ($loggedon!=1) {

  if ($pwd!=$password) {

    $loggedon=1;

instead of using the 'if $loggedon' , use instead: if (session_is_registered('loggedon') && $loggedon)) { // show logged page here }

air_phear
Nervous Wreck (II) Inmate

From: sweden
Insane since: Jul 2001

posted 02-17-2002 12:47

or..

if youre have a login page,
with a :

<form action="protected.php" method=post>
<input type=password name=password>
<input type=submit value=Login>
</form>

...
(protected.php) :
<?
if ($password=="whatever_words")
{
?>
<html> ...

...</html>
<?
}
else
{
echo "$password is not a valid password";
}
?>

::
is'nt this pretty easy, but maybe its no good ? :]

over here----------------------------------------------------------->