SitePoint Sponsor

User Tag List

Results 1 to 18 of 18
  1. #1
    SitePoint Zealot
    Join Date
    Feb 2006
    Posts
    133
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    password protected

    Is it possible to have a series of pages that are protected by a password. I have database results that are contained over a series of four pages depending on which table you view, but I only want certain people to be able to see them? Is it possible to have somebody input a password only once and then it's remembered regardless of which page they go to for say 20 minutes?

  2. #2
    Theoretical Physics Student bronze trophy Jake Arkinstall's Avatar
    Join Date
    May 2006
    Location
    Lancaster University, UK
    Posts
    7,062
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Yes. To login, you add a $_SESSION variable for their data, and then look for the $_SESSION in the password-protected pages.
    Also look into the COOKIE method, as it will keep them logged in even if they close the window, for your chosen time period.
    Jake Arkinstall
    "Sometimes you don't need to reinvent the wheel;
    Sometimes its enough to make that wheel more rounded"-Molona

  3. #3
    SitePoint Zealot
    Join Date
    Jun 2007
    Location
    Regina, SK, Canada
    Posts
    129
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    have
    Code PHP:
    at the top of your pages you want protected, along with
    Code PHP:
    if(!$_SESSION['loggedin']) exit;

    When the user logs... (make sure session_start() is on your login page)

    Code PHP:
    if($_POST['username'] == 'ted' && $_POST['password'] == 'turner'){
        $_SESSION['loggedin'] = 1
        header("yourprotectedpage.php");
    } else {
        echo 'Login information is incorrect!';
    }

  4. #4
    SitePoint Zealot
    Join Date
    Feb 2006
    Posts
    133
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Sorry to sound really stupid, but where do I keep the usernames and passwords? Is it in a database?

  5. #5
    SitePoint Zealot
    Join Date
    Jun 2007
    Location
    Regina, SK, Canada
    Posts
    129
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    With the example I gave you, the username is set in the page. I suggest searching the forums for using them with a database. The HTML for the page would look something like this:

    Code HTML4Strict:
    <form method="post">
    Username: <input type="text" name="username" />
    <br />
    Password: <input type="text" name="password" />
    <br />
    <input type="submit" name="submit" value="Login" />
    </form>

    The PHP would look like this...

    Code PHP:
    if(isset($_POST['submit'])){
      if($_POST['username'] == 'ted' && $_POST['password'] == 'turner'){
          $_SESSION['loggedin'] = 1
          header("yourprotectedpage.php");
      } else {
          echo 'Login information is incorrect!';
      }
    }

  6. #6
    SitePoint Zealot
    Join Date
    Feb 2006
    Posts
    133
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks for that, I'll have a look

  7. #7
    SitePoint Zealot
    Join Date
    Feb 2006
    Posts
    133
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Sorry one other question. In your reply you had
    PHP Code:
    header("yourprotectedpage.php"); 
    but when I changed that to my own page I got an error saying that there was a
    Parse error: parse error, unexpected T_STRING
    on line 5 which is the line that has the header bit of the code

  8. #8
    Theoretical Physics Student bronze trophy Jake Arkinstall's Avatar
    Join Date
    May 2006
    Location
    Lancaster University, UK
    Posts
    7,062
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    it should be:
    PHP Code:
    header("location: yourprotectedpage.php"); 
    Jake Arkinstall
    "Sometimes you don't need to reinvent the wheel;
    Sometimes its enough to make that wheel more rounded"-Molona

  9. #9
    SitePoint Zealot
    Join Date
    Feb 2006
    Posts
    133
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks, so
    PHP Code:
    <?php
    session_start
    ();
    echo 
    'please log in';
    if(isset(
    $_POST['submit'])){
      if(
    $_POST['username'] == 'ted' && $_POST['password'] == 'test'){
          
    $_SESSION['loggedin'] = 1
          header
    ("location: yourprotectedpage.html");
      } else {
          echo 
    'Login information is incorrect!';
      }
    }
    ?>
    would work?

  10. #10
    Theoretical Physics Student bronze trophy Jake Arkinstall's Avatar
    Join Date
    May 2006
    Location
    Lancaster University, UK
    Posts
    7,062
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)

    Thumbs up

    Not quite, but close. I would use:

    PHP Code:
    <?php
    session_start
    ();
    if(isset(
    $_POST['submit'])){
      if(
    $_POST['username'] == 'ted' && $_POST['password'] == 'test'){
          
    $_SESSION['loggedin'] = TRUE;
          
    header("location: yourprotectedpage.html");
      } else {
          echo 
    'Login information is incorrect!';
      }
    }
    echo 
    'please log in';
    ?>
    You shouldn't send a header after text has been output. Also line 6 had no ";", and it's strictly incorrect (although not bad practice) to use boolean values rather than integer values for true/false variables.
    Jake Arkinstall
    "Sometimes you don't need to reinvent the wheel;
    Sometimes its enough to make that wheel more rounded"-Molona

  11. #11
    SitePoint Zealot
    Join Date
    Feb 2006
    Posts
    133
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks, I'll give it a go

  12. #12
    SitePoint Zealot
    Join Date
    Feb 2006
    Posts
    133
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Sorry I keep on getting an error saying that the page cannot be displayed when I try click on the login button. But if I go direct to the page without using the login form I can see it. I'm sure that I've got something wrong somewhere so have added all of the code for the page, which incidently is called databases.php
    Code:
    <?php
    session_start();
    if(isset($_POST['submit'])){
      if($_POST['username'] == 'ted' && $_POST['password'] == 'test'){
          $_SESSION['loggedin'] = TRUE;
          header("location: results2.html");
      } else {
          echo 'Login information is incorrect!';
      }
    }
    echo 'please log in';
    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
    <title>Untitled Document</title>
    </head>
    
    <body>
    <form action="results2.html" method="post">
    Username: <input type="text" name="username" />
    <br />
    Password: <input type="password" name="password" />
    <br />
    <input type="submit" name="submit" value="Login" />
    </form>
    </body>
    </html>

  13. #13
    SitePoint Zealot
    Join Date
    Feb 2006
    Posts
    133
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Sorry I forgot to mention that I'm using php 4.3.2. I don't know if that makes any difference, but thought I should mention it.

  14. #14
    Theoretical Physics Student bronze trophy Jake Arkinstall's Avatar
    Join Date
    May 2006
    Location
    Lancaster University, UK
    Posts
    7,062
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    So you're saying that results2.html does exist? What does it look like?
    Jake Arkinstall
    "Sometimes you don't need to reinvent the wheel;
    Sometimes its enough to make that wheel more rounded"-Molona

  15. #15
    SitePoint Zealot
    Join Date
    Feb 2006
    Posts
    133
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It's just a plain page with four images, three of which are links to php files. That's all that is on the page

  16. #16
    Theoretical Physics Student bronze trophy Jake Arkinstall's Avatar
    Join Date
    May 2006
    Location
    Lancaster University, UK
    Posts
    7,062
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Try changing the line:
    PHP Code:
    <form action="results2.html" method="post"
    to
    PHP Code:
    <form action="<? echo $_SERVER['PHP_SELF']; ?>" method="post">
    Jake Arkinstall
    "Sometimes you don't need to reinvent the wheel;
    Sometimes its enough to make that wheel more rounded"-Molona

  17. #17
    SitePoint Zealot
    Join Date
    Feb 2006
    Posts
    133
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thank you that, it now works perfectly. One other question though, how do I protect other pages so that people don't need to keep on logging in when they got to a new page?

  18. #18
    SitePoint Zealot
    Join Date
    Feb 2006
    Posts
    133
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    No worries I tried:
    PHP Code:
    <?php
    session_start
    ();
    if(!
    $_SESSION['loggedin']) exit;
    ?>
    and that seems to work.

    Thanks for your help


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •