I'm a fresh web designer and I'm trying to put up my portfolio web site, but there is a section on the site that I don't want people to access without a password. I found this free script but it seems to show the password right in the script when you view the source. It there any way to hide the password? Any help would be appreciated. Thanks!
<SCRIPT LANGUAGE="JavaScript">
function LogIn(){
loggedin=false;
username="";
password="";
username=prompt("Username:","");
username=username.toLowerCase();
password=prompt("Password:","");
password=password.toLowerCase();
if (username=="guest" && password=="login") {
loggedin=true;
window.location="home-page.html";
}
if (username=="guest2" && password=="login2") {
loggedin=true;
window.location="secure.html";
}
if (loggedin==false) {
alert("Invalid login!");
}
}
</SCRIPT>
# Change the below lines to the results that makepass.php gave you
#
$user = 'yourencryptedusername';
$pass = 'yourencryptedpassword';
#
# Change the above lines to the results that makepass.php gave you
# Protect page from being called directly from web browser
$back = "<form><input type='button' value='< Back' onclick='history.back()'></form>";
$acc_denied = "<h3>Access Denied</h3>".$back; # you could add a link to where users can login here...
if (!isset($_COOKIE["verified"])) { die($acc_denied); }
?>
Now, insert this at the very top of all your pages...
PHP Code:
<? include_once("protect.php"); ?>
And, lastly, make a file named makepass.php and use it to make your username and password, which you will insert in passwordreader.php... Once you have made the encrypted usernames/passwords, you can remove from your server.
Originally posted by colourcube Does that go on all the php pages I created or on the protected pages?
It goes on the pages you wish to protect, which need to be renamed to .php...
Originally posted by colourcube Also how do I generate the encrypted username and password using the encrypter.php.
You just type the username/password in and hit submit. It will show you the generated username/password on the page. If you can't get it to work, us this: http://www.infinitypages.com/scripts/encrypter.php
nevermind about the username thing...I can just make it so that it is on the page...or maybe there is a way to put the username into the box automatically?
hey pyro, all that script seems to work, sort of, but...
i create a username and password using the makepass.php, then with the code it gives me, i put that into passwordreader.php. now when i got to my index page and type in the username and password [not the massive line of code, just like the words i chose] it goes to the page i want it to [encript.php that kinda thing] but says 'access denied'. i know it works cos if i just type any old password it says 'incorrect password' so the passwordreader it recognising that ive typed the right password, but it wont let me view the page, its just like typing in the address '...ltd.uk/encript.php'. somehow the browser needs to sort of unlock the encript.php so i can see the page normally but know that ive typed the correct password. i think it might be something to do with this bit in the passwordreader.php...
'...{
setcookie ("verified", true);
header ("Location:encript.php"); ***<-- this bit***
}
else....'
im not sure tho
also when u say 'it goes at the very top of the pages' do u mean like this...
so this is the encript.php
'<? include_once("protect.php"); ?>
the page is http://leto.ltd.uk/index2.html the form is at the bottom. the password n stuff i made from makepass.php is
username: greg
password: test
it goes to the leto.ltd.uk/encript.php but just says access denied...
cheers
if its any help, here are my phps...
protect.php
<?PHP
# Protect page from being called directly from web browser
$back = "<form><input type='button' value='< Back' onclick='history.back()'></form>";
$acc_denied = "<h3>Access Denied</h3>".$back; # you could add a link to where users can login here...
if (!isset($verified)) { die($acc_denied); }
if (!$verified) { die($acc_denied); }
?>
passwrodreader.php
<?PHP
# Change the below lines to the results that makepass.php gave you
#
$user = 'ea26b0075d29530c636d6791bb5d73f4';
$pass = '098f6bcd4621d373cade4e832627b4f6'; ***this is the code by typing 'greg' and 'test' into makepass.php
#
# Change the above lines to the results that makepass.php gave you
encript.php [this is just normal html but with that line at the top..
<? include_once("protect.php"); ?>
<html>
<head>
<title>User Area</title>
<style>
td{
font-family:arial;
font-size:9pt;......
well i have another problem with this... it seems when i enter thhe correct password it brings me to the access deided page i havent changed anything in that code but do you think changing the other code affects this one?
protect.php
PHP Code:
<?PHP
# Protect page from being called directly from web browser
$back = "<form><input type='button' value='< Back' onclick='history.back()'></form>";
$acc_denied = "<h3>Access Denied</h3>".$back; # you could add a link to where users can login here...
if (!isset($verified)) { die($acc_denied); }
if (!$verified) { die($acc_denied); }
password protected area script
Reply With Quote
i'm confused
Bookmarks