ev5unleash Posted June 18, 2008 Share Posted June 18, 2008 Alright, What I'm trying to do is using HTML or PHP to password protect a certain site/page. Usernames would be nice and I have PHP/MySQL installed on my server. Any ideas? Link to comment https://forums.phpfreaks.com/topic/110826-php-password-protect/ Share on other sites More sharing options...
xtopolis Posted June 18, 2008 Share Posted June 18, 2008 http://us.php.net/manual/en/intro.session.php Link to comment https://forums.phpfreaks.com/topic/110826-php-password-protect/#findComment-568608 Share on other sites More sharing options...
lemmin Posted June 18, 2008 Share Posted June 18, 2008 I would have a database with a users table that has a username and a corresponding password that was hashed. Check the username and password against what the user types and allow or disallow access. As xtopolis suggested, you can use sessions to check if the user has logged in yet so that he or she doesn't have to log in for each page that you may want to protect. The PHP should generate the content that you don't want public so that there is no way for someone to get the information by bypassing the PHP. Good luck! Link to comment https://forums.phpfreaks.com/topic/110826-php-password-protect/#findComment-568611 Share on other sites More sharing options...
whizard Posted June 18, 2008 Share Posted June 18, 2008 You need a MySQL table that stores the user information for each user it might look something like this: id | username | password | privilege | email where id is the primary key. You need a login page, which takes a POSTed username and password from the user and compares them to the values stored in the DB. The query would look something like this: SELECT * FROM `table` WHERE `username` = $username AND `password` = $password if there is a result, than the person has entered valid credentials and should be allowed in. To do this, you need to create a session with all the user's values in it. It is good practice to avoid saving a group of values in the first level of the SESSION array, because it's hard to keep it organized. In other words, instead of setting $_SESSION['username'], you want to store the user's information in an array within the SESSION array: $_SESSION['user']['username'] That way, if you also have a shopping cart and a form and some other things on your site which use sessions, it will stay better organized and you won't accidentally overwrite, say, the user's email address with a value from a form. If there is no result, you need to stop the user from entering and instead send them to an error page which tells them that they entered an invalid user/pass combo. Then, on each page, you should have a script to check the $_SESSION['user'] array to make see if someone is logged in. If they are logged in, the variable $_SESSION['user']['username'] will exist. Finally, you need a logout page which destroys all the $_SESSION['user'] values. Keep in mind that you need to add session_start() to the top of every page in order to allow it to access the session info. That's the basic overview. HTH Dan Link to comment https://forums.phpfreaks.com/topic/110826-php-password-protect/#findComment-568612 Share on other sites More sharing options...
mnielsen Posted June 18, 2008 Share Posted June 18, 2008 Google 'simple login script tutorial'. Just read through a couple of them but don't use there examples specifically. Get a feel for what you want then use some of the methods they've shown you to create your own. All else fails you can use a pre-written script and adapt it for yourself. Link to comment https://forums.phpfreaks.com/topic/110826-php-password-protect/#findComment-568615 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.