How to create a Password protected page?
Barnie
04-09-2006, 02:43 PM
Hey all. I'd like to create a page that is password protected so only those with the log/pw can access the page. Can anyone provide me with the code to do this? If no code can someone point me in the right direction? Thanks :)
NogDog
04-09-2006, 02:53 PM
You'll either need to use some sort of server-side scripting (PHP, ASP, Perl, etc.), or if your web server supports it (e.g. Apache) you can create a .htaccess login/password on the directory(ies) you want to protect.
JPnyc
04-09-2006, 02:53 PM
Well, the simple method is to use JavaScript, but anyone with any knowledge at all can get the password in about 2 seconds. The correct way is to do it server-side. Find out what server-side languages your host supports; that's the 1st step.
Barnie
04-09-2006, 03:15 PM
I should be able to create a .htaccess although I'm not sure how to do it. My pages are php. I think I got a basic one though through javascript. I know it's not that secure but it's not classified material I'm trying to protect.
If you go to http://www.interlinksgolf.com and click on the courses button you will see it. I think this is good enough for now unless creating a server side pw protect is fairly quick and easy.
DougSimmons
04-09-2006, 03:41 PM
You can create a protected page by naming it with the password, such as XR7vu89.htm.
Then write a login page to access the site:
<html>
<head>
<title>Untitled</title>
<script language="javascript">
<!--
function LogIn(form)
{
document.location = form.password.value + ".htm";
}
// -->
</script>
</head>
<body>
<br><br>
To access the contents of this site, please login with the username and password provided to you:
<br><br>
<form name="login" onSubmit="Javascript: LogIn(this); return(false);">
<center>
<table border="2" cellpadding="2" width="250">
<tr>
<td colspan="2"><b>Log In</b></td>
</tr>
<tr>
<td>Username:</td>
<td align="right"><input name="username" size="10"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="password" size="10"></td>
</tr>
<tr>
<td colspan="2">
<p align="center"><input type="submit" value="Submit"></p></td>
</tr>
</table>
</center>
</form>
</body>
</html>
It's not absolutely fool-proof, but it's better than including the password in your script.
If the user types the correct password (which you have provided by secure means - encrypted email; snail-mail; telephone... whatever), he/she will be directed to the XR7vu89.htm page, otherwise they'll get the 404 Error window.
Doug
If you restrict access, such as a .htaccess file, you can have a little better protection.
felgall
04-09-2006, 03:51 PM
Forget Javascript if you want a password protected page and use server side processing. If you do a search on .htpasswd you should find pages that tell you how to set up password protection that can then be turned on via the .htaccess file.
With server side password protection someone needs to break into the server to bypass the password. With Javascript "password protection" you only need to find out where the supposedly protected page is to bypass all of the "protection".
welsh
04-10-2006, 11:06 PM
If your pages are PHP then just use PHP to make it.
felgall
04-11-2006, 12:01 AM
With PHP (and other server side languages) you can define certain session variables when the person logs on which are automatically passed to all pages. Each page then just needs to test for the existence of the variables and if they don't exist then transfer control to the login screen. Unset the session variables when they log out.
If you are always reading a record from a database that relates to the person logged in then you could generate a random token as the session variable to pass and use that to do the database lookup by storing it in a field in the database when they log in and deleting it when they log out (as well as setting and unsetting the session variable). That way for someone to hijack a session they not only need to know what session variable you are using but it has to be assigned to someone who is actually logged in at that time.
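The session-variable and random-token scheme described in the last post, as an added PHP example that is not code from any poster in the thread. The file name auth.php, the SQLite file, the users table and login.php are assumptions made for illustration.

```php
<?php
// auth.php: added example (file, table and login.php names are assumptions).
// Protected pages start with: require 'auth.php'; require_login();
// Rows are created elsewhere with pw_hash = password_hash($pw, PASSWORD_DEFAULT).
declare(strict_types=1);
session_start();

function db(): PDO {
    static $pdo = null;
    if ($pdo === null) {
        $pdo = new PDO('sqlite:' . __DIR__ . '/users.sqlite', null, null,
                       [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
        $pdo->exec('CREATE TABLE IF NOT EXISTS users
                    (name TEXT PRIMARY KEY, pw_hash TEXT NOT NULL, token TEXT)');
    }
    return $pdo;
}

function login(string $name, string $password): bool {
    $st = db()->prepare('SELECT pw_hash FROM users WHERE name = ?');
    $st->execute([$name]);
    $hash = $st->fetchColumn();
    if ($hash === false || !password_verify($password, $hash)) {
        return false;
    }
    session_regenerate_id(true);         // fresh session id once authenticated
    $token = bin2hex(random_bytes(32));  // unguessable per-login token
    db()->prepare('UPDATE users SET token = ? WHERE name = ?')->execute([$token, $name]);
    $_SESSION['token'] = $token;         // the only value kept in the session
    return true;
}

function current_user(): ?string {      // null unless the token matches a logged-in row
    if (empty($_SESSION['token'])) { return null; }
    $st = db()->prepare('SELECT name FROM users WHERE token = ?');
    $st->execute([$_SESSION['token']]);
    $name = $st->fetchColumn();
    return $name === false ? null : $name;
}

function require_login(): void {        // test on every page; send strangers to login
    if (current_user() === null) { header('Location: login.php'); exit; }
}

function logout(): void {               // delete the token in both places
    db()->prepare('UPDATE users SET token = NULL WHERE token = ?')->execute([$_SESSION['token'] ?? '']);
    $_SESSION = [];
    session_destroy();
}
```

Because the token is cleared from the database at logout, a copied session value stops resolving to a user as soon as that user logs out.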