SolidSnake021
10-29-2006, 10:29 PM
I'd like to make a page on frontpage that requires a username and password. i'll email people usernames and passwords i just need to know how to get a username and password thing on.
Click to See Complete Forum and Search --> : Making a password protected page
Compguy Pete
10-31-2006, 12:33 AM
how many users are we talking about? Depending on the goals of your site consider using PHPNuke or PHPsite or some other CMS like that.
You can do this also without using a CMS by modifying the .HTaccess file.
You can do this also without using a CMS by modifying the .HTaccess file.
noobstar
10-31-2006, 12:52 AM
I assume you are going to do this in either php or asp because you will need a database to store all those usernames and passwords. Here is a login script in php i had found and tested and used for a few of my own sites it's just below this message, if you have any questions what so ever please let me know and we'll get them sorted :)
login.php (the name of the script file call them exactly as they are to get it working)
<?php
//This will connect to your database
$db_host = 'localhost'; //your host usually is localhost
$db_username = 'root'; //the username of your mysql
$db_pass = ''; //your password for your mysql
$db_name = 'login'; //The name of your database
//This will connect to database for you
mysql_connect("$db_host", "$db_username", "$db_pass") or die(mysql_error());
mysql_select_db("$db_name") or die(mysql_error());
//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))
//if there is, it logs you in and directes you to the members page
{
//Stores the username into the cookie
$username = $_COOKIE['ID_my_site'];
//Stores the password into a cookie
$pass = $_COOKIE['Key_my_site'];
//Checks the database if the username is correct against the username that was submitted
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
//Checks if the password is blank or not
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['password']) //if the password is blank it does nothing
{
}
else
{
header("Location: members.php"); //if the password is correct it redirects you to the members page
}
}
}
//Checks to see if the form has been submitted
if (isset($_POST['submit']))
{
//This makes sure they filled all the required fields username & password
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.'); //This is a simple message that will display if the user did not fill in all the fields
}
//Checks the login data against the database
if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());
//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist. <a href=register.php target=mainFrame>Register</a>');
die('<a href=top.php target=topFrame>Click here to go back</a>');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['pass'] = stripslashes($_POST['pass']);
$info['password'] = stripslashes($info['password']);
$_POST['pass'] = $_POST['pass'];
//gives error if the password is wrong
if ($_POST['pass'] != $info['password']) {
die('Incorrect password.');
}
else
{
//If the login is ok then it adds a cookie
$_POST['username'] = stripslashes($_POST['username']);
$hour = time() + 3600; //The time until the cookie will expire which is an hour you can set this to what ever you want
setcookie(ID_my_site, $_POST['username'], $hour);
setcookie(Key_my_site, $_POST['pass'], $hour);
//then redirect them to the members area
header("Location: members.php");
}
}
} else {
// if they are not logged in
?>
<!-- THIS WILL DISPLAY THE LOGIN FORM -->
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
<tr><td colspan=2><h1>Login</h1></td></tr>
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="20">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="20">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}
?>
members.php
<?php
// Connects to your Database
mysql_connect("localhost", "root", "") or die(mysql_error());
mysql_select_db("login") or die(mysql_error());
//checks cookies to make sure they are logged in
if(isset($_COOKIE['ID_my_site']))
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
//Checks if the cookie has the wrong password, they are taken to the login page
if ($pass != $info['password'])
{
header("Location: login.php"); //redirects to the login page
}
//Checks to see who logged in
if ($username == 'admin') //this is just some additional code which will distinguish a normal user from a administrator
{
//If an admin logs in it will display ese links
echo "<center>";
echo "<br /><br /><br /><br /><br /><br /><br /> Admin Area | ";
echo "<a href=adminmaint.php target=mainFrame>Maintenance</a> | ";
echo "<a href=upload.html target=mainFrame>Upload</a> | ";
echo "<a href=logout.php>Logout</a>";
echo "</center>";
}
else
{
//everyone else gets to see these links
echo "<center>";
echo "<br /><br /><br /><br /><br /><br /><br />Welcome back ".$username." | ";
echo "<a href=usermaint.php target=mainFrame>Profile</a> | ";
echo "<a href=upload.html target=mainFrame>Upload</a> | ";
echo "<a href=logout.php>Logout</a>";
echo "</center>";
}
}
}
else
//if the cookie does not exist, they are taken to the login screen
{
header("Location: login.php");
}
?>
logout.php
<?php
//This script will kill the cookie immediately
$past = time() - 100;
//this makes the time in the past to destroy the cookie
setcookie(ID_my_site, gone, $past); //deletes the username cookie
setcookie(Key_my_site, gone, $past); //deletes the password cookie
header("Location: login.php"); //redirects the user to the login page
?>
The database i had used was called "login" (without the quotes) the tables i had in it were "ID" (which was set to autonumber) "username" & "password" (all without the quotes). But you can always make your own tables and have different names for each field just be sure you change those on the script files. Ohh and before i forget i use wampserver (http://www.wampserver.com/) to deploy the php scripts and do my databases, you can download it for free from the website above.
If you need anything else let me know :)
Enjoy.
login.php (the name of the script file call them exactly as they are to get it working)
<?php
//This will connect to your database
$db_host = 'localhost'; //your host usually is localhost
$db_username = 'root'; //the username of your mysql
$db_pass = ''; //your password for your mysql
$db_name = 'login'; //The name of your database
//This will connect to database for you
mysql_connect("$db_host", "$db_username", "$db_pass") or die(mysql_error());
mysql_select_db("$db_name") or die(mysql_error());
//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))
//if there is, it logs you in and directes you to the members page
{
//Stores the username into the cookie
$username = $_COOKIE['ID_my_site'];
//Stores the password into a cookie
$pass = $_COOKIE['Key_my_site'];
//Checks the database if the username is correct against the username that was submitted
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
//Checks if the password is blank or not
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['password']) //if the password is blank it does nothing
{
}
else
{
header("Location: members.php"); //if the password is correct it redirects you to the members page
}
}
}
//Checks to see if the form has been submitted
if (isset($_POST['submit']))
{
//This makes sure they filled all the required fields username & password
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.'); //This is a simple message that will display if the user did not fill in all the fields
}
//Checks the login data against the database
if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());
//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist. <a href=register.php target=mainFrame>Register</a>');
die('<a href=top.php target=topFrame>Click here to go back</a>');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['pass'] = stripslashes($_POST['pass']);
$info['password'] = stripslashes($info['password']);
$_POST['pass'] = $_POST['pass'];
//gives error if the password is wrong
if ($_POST['pass'] != $info['password']) {
die('Incorrect password.');
}
else
{
//If the login is ok then it adds a cookie
$_POST['username'] = stripslashes($_POST['username']);
$hour = time() + 3600; //The time until the cookie will expire which is an hour you can set this to what ever you want
setcookie(ID_my_site, $_POST['username'], $hour);
setcookie(Key_my_site, $_POST['pass'], $hour);
//then redirect them to the members area
header("Location: members.php");
}
}
} else {
// if they are not logged in
?>
<!-- THIS WILL DISPLAY THE LOGIN FORM -->
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
<tr><td colspan=2><h1>Login</h1></td></tr>
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="20">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="20">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}
?>
members.php
<?php
// Connects to your Database
mysql_connect("localhost", "root", "") or die(mysql_error());
mysql_select_db("login") or die(mysql_error());
//checks cookies to make sure they are logged in
if(isset($_COOKIE['ID_my_site']))
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
//Checks if the cookie has the wrong password, they are taken to the login page
if ($pass != $info['password'])
{
header("Location: login.php"); //redirects to the login page
}
//Checks to see who logged in
if ($username == 'admin') //this is just some additional code which will distinguish a normal user from a administrator
{
//If an admin logs in it will display ese links
echo "<center>";
echo "<br /><br /><br /><br /><br /><br /><br /> Admin Area | ";
echo "<a href=adminmaint.php target=mainFrame>Maintenance</a> | ";
echo "<a href=upload.html target=mainFrame>Upload</a> | ";
echo "<a href=logout.php>Logout</a>";
echo "</center>";
}
else
{
//everyone else gets to see these links
echo "<center>";
echo "<br /><br /><br /><br /><br /><br /><br />Welcome back ".$username." | ";
echo "<a href=usermaint.php target=mainFrame>Profile</a> | ";
echo "<a href=upload.html target=mainFrame>Upload</a> | ";
echo "<a href=logout.php>Logout</a>";
echo "</center>";
}
}
}
else
//if the cookie does not exist, they are taken to the login screen
{
header("Location: login.php");
}
?>
logout.php
<?php
//This script will kill the cookie immediately
$past = time() - 100;
//this makes the time in the past to destroy the cookie
setcookie(ID_my_site, gone, $past); //deletes the username cookie
setcookie(Key_my_site, gone, $past); //deletes the password cookie
header("Location: login.php"); //redirects the user to the login page
?>
The database i had used was called "login" (without the quotes) the tables i had in it were "ID" (which was set to autonumber) "username" & "password" (all without the quotes). But you can always make your own tables and have different names for each field just be sure you change those on the script files. Ohh and before i forget i use wampserver (http://www.wampserver.com/) to deploy the php scripts and do my databases, you can download it for free from the website above.
If you need anything else let me know :)
Enjoy.
geraelindsey
11-01-2006, 02:47 AM
If you do not mind adding username/passwords yourself and emailing them to users, you can do this easily right in FrontPage:
http://www.outfront.net/tutorials_02/fp_techniques/frontpage-subwebs.htm
http://www.outfront.net/tutorials_02/fp_techniques/frontpage-subwebs.htm
webdeveloper.com
Copyright Internet.com Inc., All Rights Reserved.
Copyright Internet.com Inc., All Rights Reserved.