simcoweb Posted July 17, 2006 Share Posted July 17, 2006 This is a simple script that logs and then displays a log of IP addresses that has accessed certain areas of a website. I'd like to require that the site owner use a password in order to access it. But, I don't want to use standard .htaccess stuff cuz that lame grey box is butt ugly. So, when they want to access this 'view' script I want them to enter a password into a form field and on submit it would check it against a password variable set in say a config.php file then, if true, display the data as normal. If the password entered is false then it should display the 'failed' message with a chance to re-enter. The question is, can I do this within one script or do I need a separate login.php script to perform that action then it takes them to the view-ips.php script? I found a login snippet here in the code library and was trying to adapt that. Here it is:[code]session_start();include("config.php");$password = strip_tags(chop($_POST[password]));if($_GET[logout] == "true") { session_start(); unset($_SESSION['logged_in']); session_destroy();}if($password == $admin_password) { session_register("logged_in"); $_SESSION[logged_in] = "true";}if($_SESSION[logged_in] == "true") {echo "Logged in!<bR><a href=$_SERVER[PHP_SELF]?logout=true>logout</a>";} else {echo "<form method=post action=$_SERVER[PHP_SELF]><input type=text name=password></form>";}[/code]Here's the script part of my view-ips.php file. If this can be adapted to work within then great. If externally, then that's great also but need some help with how to do that.[code]<?php//IP logger file viewer - set variablesinclude 'config.php'; include 'header.php';$title = "<center><h4>IP Log File - Unauthorized Access Results</h4></center><p>";// Here's The Snippet Inserted// authenticate the user as the administratorsession_start();include("config.php");$password = strip_tags(chop($_POST[password]));if($_GET[logout] == "true") { session_start(); unset($_SESSION['logged_in']); session_destroy();}if($password == $admin_password) { session_register("logged_in"); $_SESSION[logged_in] = "true";}if($_SESSION[logged_in] == "true") {echo "Logged in!<bR><a href=$_SERVER[PHP_SELF]?logout=true>logout</a>";} else {echo "<form method=post action=$_SERVER[PHP_SELF]><input type=text name=password></form>";}[b]END OF THE SNIPPET[/b]// if successful it will connect to the database and display the infomysql_connect('$dbhost', '$dbuser', '$dbpass') or die(mysql_error());mysql_select_db($dbname) or die(mysql_error());echo "$title<p>";print "<table align='center' width='600' border='0'><tr><td>";// loop through array and print each line$query = "SELECT * FROM iplog"; $result = mysql_query($query) or die(mysql_error());while($row = mysql_fetch_array($result)){ echo $row['ip']. " - ". $row['date']; echo "<br />";} echo "</tr></td><tr><td><p><font face='Verdana' size='2'><strong>When you are through viewing these results click below to download an Excel CSV file or to erase the entries from the database.</strong></font><p></td></tr></table>";?> <table width="400" align="center"><tr><td width="200" align="center"><form action="closefile.php" method="POST"><input type="submit" name="submit" value="Close File"></form></td><td><form action="download.php" method="POST"><input type="submit" name"download" value="Download Excel File"></form></td></tr></table>[/code]I marked in there where the snippet starts and ends. It's between the 'Bold' tags that look out of place.Keeping in mind i'm a total newber and i'm using this little script as my launching pad to PHP greatness, any explanations of the code you change/add/suggest and what it does is GREATLY appreciated!Thanks! This forum rocks! Quote Link to comment Share on other sites More sharing options...
simcoweb Posted July 18, 2006 Author Share Posted July 18, 2006 ** bump ** :) Quote Link to comment Share on other sites More sharing options...
wildteen88 Posted July 18, 2006 Share Posted July 18, 2006 something like this:[code=php:0]<?phpsession_start();//IP logger file viewer - set variablesinclude 'config.php';include 'header.php';$title = "<center><h4>IP Log File - Unauthorized Access Results</h4></center><p>";// authenticate the user as the administrator$password = strip_tags(chop($_POST['password']));if($_GET['logout'] == true){ unset($_SESSION['logged_in']); session_destroy();}if($password == $admin_password) { // session_register("logged_in"); -- this is not needed $_SESSION['logged_in'] = true;}if($_SESSION['logged_in'] == true){ echo 'Logged in!<br><a href="' . $_SERVER['PHP_SELF'] . '?logout=true">logout</a>'; // if successful it will connect to the database and display the info mysql_connect('$dbhost', '$dbuser', '$dbpass') or die(mysql_error()); mysql_select_db($dbname) or die(mysql_error()); echo $title . "<p>\n"; print "<table align='center' width='600' border='0'><tr><td>"; // loop through array and print each line $query = "SELECT * FROM iplog"; $result = mysql_query($query) or die(mysql_error()); while($row = mysql_fetch_array($result)) { echo $row['ip']. " - ". $row['date']; echo "<br />"; } echo <<<HTML</tr></td><tr><td><p><font face='Verdana' size='2'><strong>When you are through viewing these results click below to download an Excel CSV file or to erase the entries from the database.</strong></font><p></td></tr></table><table width="400" align="center"><tr><td width="200" align="center"><form action="closefile.php" method="POST"><input type="submit" name="submit" value="Close File"></form></td><td><form action="download.php" method="POST"><input type="submit" name"download" value="Download Excel File"></form></td></tr></table>HTML;}else{ echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '"><input type="text" name="password"><input type="submit" name="login" value="Login"></form>';}?>[/code] Quote Link to comment Share on other sites More sharing options...
simcoweb Posted July 18, 2006 Author Share Posted July 18, 2006 This worked like a charm. Thanks for taking the time!Quick question, you inserted an HTML tag with 3 <<<'s Just curious what the purpose is for the 3 and if it's required that I have the HTML label in there. Quote Link to comment Share on other sites More sharing options...
yonta Posted July 19, 2006 Share Posted July 19, 2006 It's heredoc syntax, a way to print out long chunks of html. Check it <a href="http://www.tizag.com/phpT/strings.php">here</a>. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.