how could i do this?
Is it possible to not let people access the admin page directly? here is my conditions:
1. I have a login script
2. not use any mySQL database
3. username and password are in the script
i want some quick reply
You don't have a db available? How come? That would be the way to handle a SECURE login system. How are you handling the login credentials without a db? Not very securely probably.
Sure you could put your admin page in a protected folder. Assign a pswd to that folder and only those who know it (theoretically) will be able to access it, but if you already have a login why aren't you using that?
Use a hashed password at least so it's somewhat secure, then maybe use XML to store it?
It is possible to write a login/password system without using a database, if the number of unique logins is small and changes are infrequent. You can do this in PHP with an external text file of logins and password pairs, preferably encrypted, or with them directly stored in an array in the web page.
However, I'm not sure what you mean by the "admin" page? Are you referring to the ftp access to the site? In which case login and password protection would normally already be set up by the web host. Or perhaps to the admin page of a CMS like WordPress? If so, what you can, or need, to do is dependent on the CMS.
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)