| Author |
Message |
Justin
4WebHelp Addict
Joined: 07 Jan 2002
Posts: 1060
|
 Posted:
Sun Apr 28, 2002 2:46 pm (21 years, 11 months ago) |
  |
Right!
I've just designed my PHP News Script, although the thing is anyone can access it by visiting the appropriate page on my site, and then can publish there articles, what I wanted to do, is get a box to pop up in internet explorer asking for a username and password to access the page (news.php), how would I do this?
Thanks
Justin |
|
|
     |
|
Daniel
Team Member
Joined: 06 Jan 2002
Posts: 2564
|
| Posted:
Sun Apr 28, 2002 4:05 pm (21 years, 11 months ago) |
|
Isn't it possible to use .htaccess Password Protection? |
________________________________
 |
|
|
|
Darren
Team Member
Joined: 05 Feb 2002
Posts: 549
Location: London
|
| Posted:
Sun Apr 28, 2002 4:24 pm (21 years, 11 months ago) |
|
If its just one file could you hard code the username and password into the script.
How secure would this be? |
|
|
 |
|
Justin
4WebHelp Addict
Joined: 07 Jan 2002
Posts: 1060
|
| Posted:
Sun Apr 28, 2002 4:29 pm (21 years, 11 months ago) |
|
403 
| Code: |
HTACCESS :
AuthName "The Kop Online News Administration"
AuthType Basic
AuthUserFile .htpasswd
Allow From All
<Files news.php>
Deny From All
</Files>
|
http://www.koponline.cc/news.php |
|
|
|
|
Justin
4WebHelp Addict
Joined: 07 Jan 2002
Posts: 1060
|
| Posted:
Sun Apr 28, 2002 4:31 pm (21 years, 11 months ago) |
|
| Darren wrote: | If its just one file could you hard code the username and password into the script.
How secure would this be? |
I'd rather have the pop-up box to be honest, so the visitors can't see the admin page! |
|
|
|
|
Darren
Team Member
Joined: 05 Feb 2002
Posts: 549
Location: London
|
| Posted:
Sun Apr 28, 2002 4:33 pm (21 years, 11 months ago) |
|
Firstly do you need to provide the full path to the .htpassword file? I did when I set mine up.
Secondly, how did you generate the password? it took me several attempts with various scripts people had online before I found one that worked. |
|
|
|
|
Daniel
Team Member
Joined: 06 Jan 2002
Posts: 2564
|
| Posted:
Sun Apr 28, 2002 4:34 pm (21 years, 11 months ago) |
|
Try this?
| Code: | <Files news.php>
AuthName "The Kop Online News Administration"
AuthType Basic
AuthUserFile .htpasswd
</Files>
|
|
________________________________
|
|
|
|
Justin
4WebHelp Addict
Joined: 07 Jan 2002
Posts: 1060
|
| Posted:
Sun Apr 28, 2002 4:39 pm (21 years, 11 months ago) |
|
| Daniel wrote: | Try this?
| Code: | <Files news.php>
AuthName "The Kop Online News Administration"
AuthType Basic
AuthUserFile .htpasswd
</Files>
|
|
now it doesn't ask for any authentication, goes straight to the script |
|
|
|
|
Darren
Team Member
Joined: 05 Feb 2002
Posts: 549
Location: London
|
| Posted:
Sun Apr 28, 2002 4:40 pm (21 years, 11 months ago) |
|
What about?
| Code: | <?
if($username != "myusername" && $password != "mypassword") {
// Login form
//i.e. two text inputs with names 'username' and 'password' and a submit button
} else {
//your news script
}
?>
|
|
|
|
|
|
Justin
4WebHelp Addict
Joined: 07 Jan 2002
Posts: 1060
|
| Posted:
Sun Apr 28, 2002 4:41 pm (21 years, 11 months ago) |
|
| Darren wrote: | Firstly do you need to provide the full path to the .htpassword file? I did when I set mine up.
Secondly, how did you generate the password? it took me several attempts with various scripts people had online before I found one that worked. |
The script is in the root directory, along with the .htaccess and .htpasswd file.
Generated the password using the tool suggested in the tutorial on this site! |
|
|
|
|
Daniel
Team Member
Joined: 06 Jan 2002
Posts: 2564
|
| Posted:
Sun Apr 28, 2002 4:41 pm (21 years, 11 months ago) |
|
Well, try this then:
| Code: | if ($password=="yourpassword") {
ALL YOUR CODE HERE
}
else {
print ("Please login."); |
Then access your script like this:
news.php?password=yourpassword
You'll then have to include the password in all links in your script, if there are any. |
________________________________
|
|
|
|
Justin
4WebHelp Addict
Joined: 07 Jan 2002
Posts: 1060
|
| Posted:
Sun Apr 28, 2002 4:44 pm (21 years, 11 months ago) |
|
| Daniel wrote: | Well, try this then:
| Code: | if ($password=="yourpassword") {
ALL YOUR CODE HERE
}
else {
print ("Please login."); |
Then access your script like this:
news.php?password=yourpassword
You'll then have to include the password in all links in your script, if there are any. |
I may use that as a stopgap, but I really need a solution with a pop-up password box for a few clients that I am designing sites for, as the problem would be, as you can guess, people can see the password just by looking at the address bar if they are watching you. |
|
|
|
|
Daniel
Team Member
Joined: 06 Jan 2002
Posts: 2564
|
| Posted:
Sun Apr 28, 2002 4:46 pm (21 years, 11 months ago) |
|
Could you password protect the whole directory (and if needed move the script to it's own directory)? |
________________________________
|
|
|
|
Justin
4WebHelp Addict
Joined: 07 Jan 2002
Posts: 1060
|
| Posted:
Sun Apr 28, 2002 4:48 pm (21 years, 11 months ago) |
|
|
|
|
Darren
Team Member
Joined: 05 Feb 2002
Posts: 549
Location: London
|
| Posted:
Sun Apr 28, 2002 4:52 pm (21 years, 11 months ago) |
|
| Justin wrote: | | I may use that as a stopgap, but I really need a solution with a pop-up password box for a few clients that I am designing sites for, as the problem would be, as you can guess, people can see the password just by looking at the address bar if they are watching you. |
Then do it my waywith a little form and use session variables to keep them logged in between pages. |
|
|
|
|
|
|
