Jump to content

Recommended Posts

hello.

im trying to password protect my pages in a simple way like this:

http://www.scottconnell.com/sniplets/password_protection/

 

but for some reason it doesnt chek the login file, so it doesnt work:

<?php require_once 'login.php'; ?>

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Untitled Document</title>
<style type="text/css">
#form1 table tr td label {
}
#form1 table {
	text-align: left;
}
#wrapper {
  margin: 20px auto;
  text-align: center;
  font-size: 20px;
}
#wrapper2 {
  margin: 20px auto;
  text-align: center;
  font-size: 20px;
}
</style>
</head>

<body>

<div id="wrapper">
--<a href="tilfojer.html">Tilføj Aktivitet</a>--<br>
--<a href="tilfojtilvalg.html">Tilføj Tilvalg</a>--<br>
--<a href="tilfojrestaurant.html">Tilføj Restaurant</a>--<br>
--<a href="tilfojmenu.html">Tilføj Menu</a>--
</div>

<div id="wrapper2">
--<a href="seaktivitet.php">Se Aktiviteter</a>--<br>
--<a href="setilvalg.php">Se Tilvalg</a>--<br>
--<a href="serestaurant.php">Se Restauranter</a>--<br>
--<a href="semenu.php">Se Menuer</a>--
</div>

</body>

<a href="?logout=1">Logout</a>
</html>

that is how i implemented it. made the file an php file

 

can somone tell me why it doesnt work. and maybe how to make it work, and why that works :P

 

many thanks

Link to comment
https://forums.phpfreaks.com/topic/290515-password-protection/
Share on other sites

Did you read the code you're using? Do you realize that anybody can create any cookie they want? The entire “password protection” is nothing but a giant brainfart, so no wonder it “doesn't work” (whatever that means).

 

Learn PHP and write your own code. It's no rocket science. In this case, you'd simply use standard PHP sessions to store the log-in status.

Link to comment
https://forums.phpfreaks.com/topic/290515-password-protection/#findComment-1488129
Share on other sites

Thanks for the kind words Jacqass1, and what obvious vulnerabilities can you find with my password protection script? I know very well how to use sessions, but I choose to use a cookie instead. I wanted it to be simple for new coders, and I didn't want the login to expire.when I closed the browser.

 

As far as the login.php not working loxfear, do you have login.php in the same directory as your page? You might try using the full directory path with include_once.

Link to comment
https://forums.phpfreaks.com/topic/290515-password-protection/#findComment-1488151
Share on other sites

Thanks for the kind words Jacqass1, and what obvious vulnerabilities can you find with my password protection script?

 

Do you not realize that anybody can create the log-in cookie herself and skip your “protection” entirely? You might as well check the URL for “is_admin=true”.

 

 

 

I know very well how to use sessions, but I choose to use a cookie instead. I wanted it to be simple for new coders, and I didn't want the login to expire.when I closed the browser.

 

Sessions do not expire when you close the browser. The session ID is in fact stored in a cookie, and you can set the lifetime to anything you want.

 

The point is: Unlike your home-made cookie stuff, PHP sessions actually work. We've all used them for many years. Wouldn't it make sense to rely on a proven solution rather than trying to do it all by yourself?

Link to comment
https://forums.phpfreaks.com/topic/290515-password-protection/#findComment-1488170
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.