dlafko1 Posted July 6, 2010 Share Posted July 6, 2010 I am a beginner with very little experience. I am trying to learn how to create a secure website page. Were I get a list of names from a client with passwords I put them into the system and then there is a page/pages that these members can see by imputing there information. How do I do this.. example site would be www.schuylkillgop.org and then on the home page go to committee man log in.. This site was built by someone else and I am trying to do this for a site I am working on.. Any help would be appreciated.. Again I am a newbie so detailed explanation or the codes to do it would be great. Quote Link to comment https://forums.phpfreaks.com/topic/206879-secure-member-area/ Share on other sites More sharing options...
SoccerGloves Posted July 6, 2010 Share Posted July 6, 2010 Hi! There are a couple ways to do this. Method 1: make it yourself. One way is to actually build the security using PHP (or some other scripting language). What I mean is that you would write the computer code that would handle these tasks: (A) getting the users log in information, (B) checking that it is valid, © if valid, giving access to the protected area of the site, and © possibly also building a tool to register new users. This is the harder of the three options, but it is also more flexible and lets you do more cool things. For example, PHPFreaks uses something like this that was coded in PHP. Method 2: Use the server's security system. The second way is easier, simpler, but less powerful (I DON'T mean less secure - I mean it gives you less flexibility). It looks like the site that you gave as an example uses this kind of system. Server software (usually the open source Apache software) is what makes your website work - when someone types in your website address, Apache gets the request and responds by sending the requested page. Apache has a built-in system for creating website security, and it is pretty easy to use. However, whether it works or not may depend on your version of Apache (if you have that, which I'm pretty confident you do). I think it is a pretty standard system. Basically, you just need to create a special file on your server with the list of acceptable usernames and passwords, and Apache takes care of the rest. Actually, I think you need two files - one will end with ".htaccess" and the other with ".htpasswd". Even better, instead of creating these files, you can edit the Apache settings, but sometimes internet hosting services do not allow you to do this, so the ".htaccess" and ".htpasswd" file may be your best bet. This looked like a pretty good tutorial for how to do this: http://www.addedbytes.com/articles/password-protect-a-directory-with-htaccess/ And this is the official Apache website's article about security: (But I like the first tutorial better =) http://httpd.apache.org/docs/2.2/howto/htaccess.html#auth Method 3: Use somebody else's tool. There are a lot of cool, free tools like Wordpress, Drupal, Joomla!, and so on that handle users and passwords for you, and also help you to build your site, but they may or may not be what you are looking for. They are called "content management systems" (Or atleast I think that is what they are called! =) Hope this helps! -Ryan S Quote Link to comment https://forums.phpfreaks.com/topic/206879-secure-member-area/#findComment-1082109 Share on other sites More sharing options...
dlafko1 Posted July 6, 2010 Author Share Posted July 6, 2010 Thanks for the info.. For APache how do I get it if the server I am using does not have it or how do I access it.. I use godaddy. The php is one one I think i would rather use as it would be easier to edit users.. For PHP is that somenthing you can teach me thru Private E-mail? Quote Link to comment https://forums.phpfreaks.com/topic/206879-secure-member-area/#findComment-1082121 Share on other sites More sharing options...
dlafko1 Posted July 6, 2010 Author Share Posted July 6, 2010 I guess my question with Apache would be what files do I download to use? Quote Link to comment https://forums.phpfreaks.com/topic/206879-secure-member-area/#findComment-1082126 Share on other sites More sharing options...
SoccerGloves Posted July 6, 2010 Share Posted July 6, 2010 I looked on Godaddy, and it looks like they only use Apache, so you should be set in that regard (http://community.godaddy.com/help/article/124). I like the Apache method best for simplicity; you said "The php is the one I think I would rather use as it would be easier to edit users.. ", but I think the Apache method is easier for editing users, unless you want an automated registration process, or unless you want to attach more info to your users (like phone number or mailing address). If you just want a really simple security system with a small pool of users (maybe it would start getting tedious with 100 or more users) and as long as you don't mind the way it looks (the simple little pop-up window) then I think this would be my favorite way. Good to hear back from you by the way! I thought it was neat that you replied so quickly =) For the Apache tool, I don't think you need to download a file, you should just need to open up notepad and paste in the text shown in the tutorial, and then tweak it a little for your purposes (change the folder you want to password protect, and type in your users / passwords). Let me know if it works! Quote Link to comment https://forums.phpfreaks.com/topic/206879-secure-member-area/#findComment-1082152 Share on other sites More sharing options...
dlafko1 Posted July 6, 2010 Author Share Posted July 6, 2010 Ok I appreciate the addvise, Now remember I said really new to this so can you give me a step by step... I use dreamweaver to set up sites can I do it in there... The other site is using a htaccess file but when i try and open it from dreamweaver it says the file is unsupported.. NOw that is on a diffrent site so maybe they have it blocked so I can not access it.. Do I need a note pad file or can I use a file in Dreamweaver? I will try and let you know. Thanks for the help this is just above me.. Quote Link to comment https://forums.phpfreaks.com/topic/206879-secure-member-area/#findComment-1082183 Share on other sites More sharing options...
SoccerGloves Posted July 7, 2010 Share Posted July 7, 2010 OK! So, actually, Godaddy has a neat, easy-security tool built into it. (I have a godaddy account, too - I didn't break into yours or anything =) [*]Log on to godaddy.com [*]if not yet selected, click the "my account" tab at the top right [*]on the green strip that appears at the top of the page, click "my products". [*]Scroll down until you see a black bar with the heading "products". Bellow that and on the left is "web hosting" - click that. [*]the screen will change slightly and you will see your hosting plans listed - click the green "launch" arrow for the one that you want to work with. (you might only have one account, like me) [*]You should get a completely new screen after clicking the launch button. Click the large silver button near the top left that says "your files - manage site content". [*]This should give you a cool file-system tool on-screen. [*]Pick the folder that you want to protect. If you want a certain area of your website to be only available to members, then make a folder called "secure" or something. [*]After you have decided on the folder that you want to secure, check the check box beside the folder (don't enter the folder). [*]Look near the top of the tool, where you can see a lot of folder buttons, and click the one labeled "permissions" [*]On the panel that appears, There should be 3 tabs. Pick the tab for "password protect". [*]Check the check box labeled "Password protect directory". Now you have switched on security for this folder! [*]Use the gold "add user" button to add new users. Click the blue "remove user" link to remove users. Click the gold "OK" button when you are done. For me, it took about a minute for these changes to take effect on the actual site. I tried this out on a simple little site for my friends (we have sword-fights with padded sticks =) http://www.oftheword.com/sword/ And you can see that the site now requires a password. Hope this helps! Quote Link to comment https://forums.phpfreaks.com/topic/206879-secure-member-area/#findComment-1082520 Share on other sites More sharing options...
dlafko1 Posted July 7, 2010 Author Share Posted July 7, 2010 That was great.. Thanks alot 1 more question ONce logged in it allows you in untill you close the web page. Godaddy said you need a java or php script for them to log out or force it out after so long.. They do not do that.. Any ideas? Quote Link to comment https://forums.phpfreaks.com/topic/206879-secure-member-area/#findComment-1082607 Share on other sites More sharing options...
SoccerGloves Posted July 7, 2010 Share Posted July 7, 2010 Hmmm..good question. I found a few sites that look like they have a solution, so I'll look at it after work and see if I can find one. Quote Link to comment https://forums.phpfreaks.com/topic/206879-secure-member-area/#findComment-1082643 Share on other sites More sharing options...
dlafko1 Posted July 7, 2010 Author Share Posted July 7, 2010 Ok I looked at one but with absolutley no PHP experience or Java I had no idea what it was saying.. Thanks again I really appreciate your help Quote Link to comment https://forums.phpfreaks.com/topic/206879-secure-member-area/#findComment-1082652 Share on other sites More sharing options...
jhbalaji Posted July 9, 2010 Share Posted July 9, 2010 if you have no experience in PHP or mySql then just have a look in a simple login site i wrote http://jhbalaji.users.phpclasses.org/simple-login-class It simple to understand and will teach you the basics Quote Link to comment https://forums.phpfreaks.com/topic/206879-secure-member-area/#findComment-1083557 Share on other sites More sharing options...
SoccerGloves Posted July 9, 2010 Share Posted July 9, 2010 Hi! Sorry I've been slow. It doesn't look like there are any easy log-out solutions other than quitting the browser. If you really want to have that feature, we'll need to look at some PHP, which is fine too! I think the tool jhbalaji gave us along the right track, and I could help you with setting something like that up. It gets harder because you need to make changes to your web-pages themselves, instead of just clicking a switch on the godaddy admin panel, but it does have advantages (like you get to choose what the log-in box looks like, and it is actually on your page somewhere, and you get to have a log-out button =). Quote Link to comment https://forums.phpfreaks.com/topic/206879-secure-member-area/#findComment-1083779 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.