simcoweb Posted July 17, 2006 Share Posted July 17, 2006 This is a simple script that logs and then displays a log of IP addresses that has accessed certain areas of a website. I'd like to require that the site owner use a password in order to access it. But, I don't want to use standard .htaccess stuff cuz that lame grey box is butt ugly. So, when they want to access this 'view' script I want them to enter a password into a form field and on submit it would check it against a password variable set in say a config.php file then, if true, display the data as normal. If the password entered is false then it should display the 'failed' message with a chance to re-enter. The question is, can I do this within one script or do I need a separate login.php script to perform that action then it takes them to the view-ips.php script? I found a login snippet here in the code library and was trying to adapt that. Here it is:[code]session_start();include("config.php");$password = strip_tags(chop($_POST[password]));if($_GET[logout] == "true") { session_start(); unset($_SESSION['logged_in']); session_destroy();}if($password == $admin_password) { session_register("logged_in"); $_SESSION[logged_in] = "true";}if($_SESSION[logged_in] == "true") {echo "Logged in!<bR><a href=$_SERVER[PHP_SELF]?logout=true>logout</a>";} else {echo "<form method=post action=$_SERVER[PHP_SELF]><input type=text name=password></form>";}[/code]Here's the script part of my view-ips.php file. If this can be adapted to work within then great. If externally, then that's great also but need some help with how to do that.[code]<?php//IP logger file viewer - set variablesinclude 'config.php'; include 'header.php';$title = "<center><h4>IP Log File - Unauthorized Access Results</h4></center><p>";// Here's The Snippet Inserted// authenticate the user as the administratorsession_start();include("config.php");$password = strip_tags(chop($_POST[password]));if($_GET[logout] == "true") { session_start(); unset($_SESSION['logged_in']); session_destroy();}if($password == $admin_password) { session_register("logged_in"); $_SESSION[logged_in] = "true";}if($_SESSION[logged_in] == "true") {echo "Logged in!<bR><a href=$_SERVER[PHP_SELF]?logout=true>logout</a>";} else {echo "<form method=post action=$_SERVER[PHP_SELF]><input type=text name=password></form>";}[b]END OF THE SNIPPET[/b]// if successful it will connect to the database and display the infomysql_connect('$dbhost', '$dbuser', '$dbpass') or die(mysql_error());mysql_select_db($dbname) or die(mysql_error());echo "$title<p>";print "<table align='center' width='600' border='0'><tr><td>";// loop through array and print each line$query = "SELECT * FROM iplog"; $result = mysql_query($query) or die(mysql_error());while($row = mysql_fetch_array($result)){ echo $row['ip']. " - ". $row['date']; echo "<br />";} echo "</tr></td><tr><td><p><font face='Verdana' size='2'><strong>When you are through viewing these results click below to download an Excel CSV file or to erase the entries from the database.</strong></font><p></td></tr></table>";?> <table width="400" align="center"><tr><td width="200" align="center"><form action="closefile.php" method="POST"><input type="submit" name="submit" value="Close File"></form></td><td><form action="download.php" method="POST"><input type="submit" name"download" value="Download Excel File"></form></td></tr></table>[/code]I marked in there where the snippet starts and ends. It's between the 'Bold' tags that look out of place.Keeping in mind i'm a total newber and i'm using this little script as my launching pad to PHP greatness, any explanations of the code you change/add/suggest and what it does is GREATLY appreciated!Thanks! This forum rocks! Link to comment https://forums.phpfreaks.com/topic/14890-whats-the-best-way-to-require-a-login-to-access-this/ Share on other sites More sharing options...
simcoweb Posted July 18, 2006 Author Share Posted July 18, 2006 ** bump ** :) Link to comment https://forums.phpfreaks.com/topic/14890-whats-the-best-way-to-require-a-login-to-access-this/#findComment-59905 Share on other sites More sharing options...
wildteen88 Posted July 18, 2006 Share Posted July 18, 2006 something like this:[code=php:0]<?phpsession_start();//IP logger file viewer - set variablesinclude 'config.php';include 'header.php';$title = "<center><h4>IP Log File - Unauthorized Access Results</h4></center><p>";// authenticate the user as the administrator$password = strip_tags(chop($_POST['password']));if($_GET['logout'] == true){ unset($_SESSION['logged_in']); session_destroy();}if($password == $admin_password) { // session_register("logged_in"); -- this is not needed $_SESSION['logged_in'] = true;}if($_SESSION['logged_in'] == true){ echo 'Logged in!<br><a href="' . $_SERVER['PHP_SELF'] . '?logout=true">logout</a>'; // if successful it will connect to the database and display the info mysql_connect('$dbhost', '$dbuser', '$dbpass') or die(mysql_error()); mysql_select_db($dbname) or die(mysql_error()); echo $title . "<p>\n"; print "<table align='center' width='600' border='0'><tr><td>"; // loop through array and print each line $query = "SELECT * FROM iplog"; $result = mysql_query($query) or die(mysql_error()); while($row = mysql_fetch_array($result)) { echo $row['ip']. " - ". $row['date']; echo "<br />"; } echo <<<HTML</tr></td><tr><td><p><font face='Verdana' size='2'><strong>When you are through viewing these results click below to download an Excel CSV file or to erase the entries from the database.</strong></font><p></td></tr></table><table width="400" align="center"><tr><td width="200" align="center"><form action="closefile.php" method="POST"><input type="submit" name="submit" value="Close File"></form></td><td><form action="download.php" method="POST"><input type="submit" name"download" value="Download Excel File"></form></td></tr></table>HTML;}else{ echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '"><input type="text" name="password"><input type="submit" name="login" value="Login"></form>';}?>[/code] Link to comment https://forums.phpfreaks.com/topic/14890-whats-the-best-way-to-require-a-login-to-access-this/#findComment-60048 Share on other sites More sharing options...
simcoweb Posted July 18, 2006 Author Share Posted July 18, 2006 This worked like a charm. Thanks for taking the time!Quick question, you inserted an HTML tag with 3 <<<'s Just curious what the purpose is for the 3 and if it's required that I have the HTML label in there. Link to comment https://forums.phpfreaks.com/topic/14890-whats-the-best-way-to-require-a-login-to-access-this/#findComment-60185 Share on other sites More sharing options...
yonta Posted July 19, 2006 Share Posted July 19, 2006 It's heredoc syntax, a way to print out long chunks of html. Check it <a href="http://www.tizag.com/phpT/strings.php">here</a>. Link to comment https://forums.phpfreaks.com/topic/14890-whats-the-best-way-to-require-a-login-to-access-this/#findComment-60250 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.