SitePoint Sponsor

User Tag List

Results 1 to 7 of 7
  1. #1
    SitePoint Member KeZZeR's Avatar
    Join Date
    Feb 2005
    Posts
    13
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Secure login for admin page

    Ok so i've been planning out a CMS i'm developing and i've pretty much got my head around all the queries that are needed and all that stuff. The only problem is, i have no idea how to do a secure login. I've got one of the site point books (build your own database driven website using PHP and mySQL 2nd edition) but it doesn't really mention much about secure login.

    Now the admin section i'll be using will have only one page but will be including scripts from a switch statement in it so you're never going to move from say admin.php.

    Can someone give me an example of a decent and secure way of logging into an admin page?

    Cheers

  2. #2
    SitePoint Wizard silver trophy Jelena's Avatar
    Join Date
    Feb 2005
    Location
    Universum, 3rd Corner
    Posts
    3,000
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Well, the easiest way is to put admin in a subdirectory and protect it with .htaccess.
    Of course this will only work on apache.
    -- Jelena --

  3. #3
    SitePoint Member KeZZeR's Avatar
    Join Date
    Feb 2005
    Posts
    13
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I can't access the .htaccess file on my server. My web host has only given me permission to the directory to upload the web pages and i can't go up a directory to get it

  4. #4
    SitePoint Wizard silver trophy Jelena's Avatar
    Join Date
    Feb 2005
    Location
    Universum, 3rd Corner
    Posts
    3,000
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    You do have a permission to create a directory? I presume you do. Then you have permission to upload your own .htaccess file
    -- Jelena --

  5. #5
    SitePoint Member KeZZeR's Avatar
    Join Date
    Feb 2005
    Posts
    13
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ah i see, i thought that .htaccess worked by editing a current file. I'll have a good look at the link you posted.

    So the idea is to protect a certain folder, say /admin/ ? Will it then ask for a password and username to gain access to it?

    Cheers
    Owner, Designer and Coder of kezzer.co.uk

  6. #6
    SitePoint Wizard silver trophy Jelena's Avatar
    Join Date
    Feb 2005
    Location
    Universum, 3rd Corner
    Posts
    3,000
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Of course, and you set username and password to whatever you want.
    -- Jelena --

  7. #7
    SitePoint Member KeZZeR's Avatar
    Join Date
    Feb 2005
    Posts
    13
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Magic! I'll have a gander at that later on Thanks very much!
    Owner, Designer and Coder of kezzer.co.uk


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •