Entry
i want to make a place where users must supply their username and password, i havent found anything.
Feb 22nd, 2008 19:58
dman, Ben Harvey, jarrod nettles, http://www.ttnr.org
I created password protection for my homepages as soon as I'd got to
grips with the concept of PHP. Password protection is easy, but it
depends on the level of security you're seeking.
You need to create a login page using plain HTML (no PHP is needed) and
a form. For the form:
ACTION="password_check_script.php" (or whatever)
METHOD=post
You have two text input boxes on your login page: user name and
password, with names defined (for example) as uname and upass. When the
user clicks the submit button on your form, the values of uname and
upass will be posted to password_check_script.php as variables: $uname
and $upass. It's a doddle.
(Look at the source code of my login page for an example:
http://www.sublimatic.org)
You can easily check the values of $uname and $upass against predefined
values in your "password_check_script.php" if you're simply after basic
security. More sophisticated would be a small database of users and
passwords, against which your script compares the supplied details.
This has the advantage of enabling you to control who uses your site
individually, rather than using a single password for everyone.
Once you've confirmed that the supplied details are correct, you need
to redirect visitors to the protected area of your site. You do this
using a
header("Location: newpage.html");
command, but you must ensure that you do this before your
password_check_script.php outputs ANYTHING at all to the browser. You
can't print anything to the screen before calling the header command,
or you'll get an error.
When this is all working, add checks to the content pages of your site,
and session variables to ensure that nobody's going straight to a
content page and bypassing the security. This is more tricky, but PHP's
built-in session functions make it reasonably straightforward.
HTH.
Ben
