password protection

[mh8759]

What's the best way to password protect my web pages? Should I use JavaScript, PHP or anything else? Which way is the easiest and which one is the most secure?
Anyone has any code examples?

Thanks
Mare

[TWTCommish]

It all depends really.

If you want something simple, you can simply have the passwords and usernames in an SQL database, and use something like this (it's all para-phrased of course, this code will not actually work):

if (isset($loginsubmit)) {
SELECT username, password FROM users WHERE username='$user'

if ($user == "$username" && $pass == "$password") {
echo("Correct! Good job");
}
else {
echo("Nice try, punk."):
}
}
else {
?>
<form action="<?php echo("$PHP_SELF"); ?>"
method="post">
Username: <input type="text" name="user"><br>
Password: <input type="password" name="pass"><br>
<input type="submit" name="loginsubmit" value="Login"><br>
</form>
<?php
}

Hope that helps.

[mh8759]

Thanks..i'll make some changes in your code and also make it to pass the values forward to another pages through query string...

Mare

[TWTCommish]

Ok, sounds good. Let me know if I can assist you further.

[Kevin Yank]

Even easier would be to just use an .htaccess file. Let me know if you need a pointer to a good tutorial on this.

[mh8759]

what can i do with it? i think i could use it, because now i have to forward values through query string and stuff like that, so that user doesn't have to type in user/pass twice or even more times..the way i've done it now is a little complicated...
i've made some kind of control panel for my site and i would like to have it password protected...however, i also need to protect other files in the control panel(addarticle.php,deletearticle.php etc). the easiest way would be to protect all files like TWTCommish said, but that can be very annoying for user(entering password every time).

Mare

[TWTCommish]

Then set cookies! Tricky at first, but simple and effective overall.