[SOLVED] whats the best to protect a page

[paulman888888]

I don't know whats the best way to protect a page.

 

I would like to set up a password at the top of my page.

It's not a user sign then can view the page type of think.

Just a quick enter password and then your in type of thing.

It's just for me and my mate.

I don't want to use Mysql.

[rhodesa]

easiest way is with HTACCESS

 

http://www.javascriptkit.com/howto/htaccess3.shtml

[paulman888888]

am not allowed HTACCESS on the server.

[BlueSkyIS]

http://www.zubrag.com/scripts/password-protect-advanced.php

[paulman888888]

Could i use Something like

(I don't know how to write this in php language)

 

<?php
$password = anything //i will change this later
If $post[password] is = to $password

{
code goes here think

}
else
{
echo Wrong password}

?>

[BlueSkyIS]

yes. i would set a session variable to indicate the user has logged in successfully and check for that variable on every page that is to be protected, header()'ing the user back to the log in page if the variable is NOT set.

[paulman888888]

I know i shouldn't ask but i will.

 

Can you show me one please or make one please.

 

I havent learnt sessions yet, but i do know post and get.

 

thankyou very much.

[corbin]

OK.....  This is extremely simple.

 

Here's your directory structure:

some_folder:

-some_file.php

-some_other_file.php

-login.php

-logout.php

 

Login could be something like:

 

<?php
session_start(); //initiate the session stuff
$password = 'CorbinIsAwesome';

if(isset($_SESSION['logged_in'] && $_SESSION['logged_in'] == true) {
    echo 'You are already logged in!';
}
else {
    if(isset($_POST['password'])) {
        if($_POST['password'] == $password) { 
            $_SESSION['logged_in'] = true;
            echo 'Correct password!  You are now logged in!';
        }
        else {
            echo 'Incorrect password!';
        }
    }

//heredoc syntax.  Look it up if you don't know what it is

echo <<<HERE
<form action="" method="POST">
Password: <input type="text" name="password" value="" /><br />
<input type="submit" value="Login!" />
</form>
HERE;

}

?>

 

 

 

Then...  At the top of each page you want to protect, you could just do:

 

<?php
session_start();
if(!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] != true) {
    require 'login.php';
    exit;
}

//The rest of the content here

?>

 

Then logout.php:

 

<?php
session_start();
if(isset($_SESSION['logged_in'])) unset($_SESSION['logged_in);
?>

 

 

That's not the way I would personally do it (mainly because I don't like the include and exit part), but it's about as basic as it gets.

[paulman888888]

thankyou