www.webdeveloper.com
Page 1 of 8 123 ... LastLast
Results 1 to 15 of 117

Thread: password protected area script

  1. #1
    Join Date
    May 2003
    Posts
    13

    Question password protected area script

    Hi everyone,

    I'm a fresh web designer and I'm trying to put up my portfolio web site, but there is a section on the site that I don't want people to access without a password. I found this free script but it seems to show the password right in the script when you view the source. It there any way to hide the password? Any help would be appreciated. Thanks!

    <SCRIPT LANGUAGE="JavaScript">
    function LogIn(){
    loggedin=false;
    username="";
    password="";
    username=prompt("Username:","");
    username=username.toLowerCase();
    password=prompt("Password:","");
    password=password.toLowerCase();
    if (username=="guest" && password=="login") {
    loggedin=true;
    window.location="home-page.html";
    }
    if (username=="guest2" && password=="login2") {
    loggedin=true;
    window.location="secure.html";
    }
    if (loggedin==false) {
    alert("Invalid login!");
    }
    }
    </SCRIPT>

  2. #2
    Join Date
    Dec 2002
    Location
    High on life
    Posts
    10,104
    Here's some code for you to try out...

    Your login form...

    Code:
    <form method="post" action="passwordreader.php">
      <table>
        <tr><td><b class=rng>Username:</b></td><td> </td><td><input type="text" name="username"></td></tr>
        <tr><td><b class=rng>Password:</b></td><td> </td><td><input type="password" name="password"></td></tr>
        <tr><td colspan="3" align="center"><input type="submit" value=" Submit "></td></tr>
      </table>
    </form>
    And now make passwordreader.php:

    passwordreader.php
    PHP Code:
    <?PHP

    # Change the below lines to the results that makepass.php gave you
    #
    $user 'yourencryptedusername';
    $pass 'yourencryptedpassword';
    #
    # Change the above lines to the results that makepass.php gave you

    if(md5($_POST['username']) == $user && md5($_POST['password']) == $pass)
    {
    setcookie ("verified"true);
    header ("Location:[url]http://www.yoursite.com/dir/page.htm[/url]");
    }
    else
    {
    echo (
    "Incorrect Password");
    }
    ?>
    Now make this file and name it protect.php

    protect.php
    PHP Code:
    <?PHP 

    # Protect page from being called directly from web browser 
    $back "<form><input type='button' value='< Back' onclick='history.back()'></form>"
    $acc_denied "<h3>Access Denied</h3>".$back# you could add a link to where users can login here... 
    if (!isset($_COOKIE["verified"])) { die($acc_denied); } 

    ?>
    Now, insert this at the very top of all your pages...

    PHP Code:
    <? include_once("protect.php"); ?>
    And, lastly, make a file named makepass.php and use it to make your username and password, which you will insert in passwordreader.php... Once you have made the encrypted usernames/passwords, you can remove from your server.

    makepass.php
    PHP Code:
    <?PHP
    if ($_POST['showvalues'])
    {
    echo 
    'User: ' md5($_POST['username']);
    echo 
    '<br>Password: ' md5($_POST['password']);
    }
    ?>

    <form method="post" action="makepass.php">
      <table>
        <tr><td><b class=rng>Username:</b></td><td>&nbsp;</td><td><input type="text" name="username"></td></tr>
        <tr><td><b class=rng>Password:</b></td><td>&nbsp;</td><td><input type="text" name="password"></td></tr>
        <tr><td colspan="3" align="center"><input type="submit" value=" Submit " name="showvalues"></td></tr>
      </table>
    </form>
    If you need any help, let me know. Remember to rename pages that are being password protected to .php...

  3. #3
    Join Date
    May 2003
    Posts
    13
    Thanks pyro! I'll try it out.

  4. #4
    Join Date
    May 2003
    Posts
    13

    Unhappy i'm confused

    I did okay up until the part where you have to insert that line at the very top of all my pages.

    Does that go on all the php pages I created or on the protected pages?

    Also how do I generate the encrypted username and password using the encrypter.php.

    Sorry it's my first time using php

  5. #5
    Join Date
    Dec 2002
    Location
    High on life
    Posts
    10,104

    Re: i'm confused

    Originally posted by colourcube
    Does that go on all the php pages I created or on the protected pages?
    It goes on the pages you wish to protect, which need to be renamed to .php...

    Originally posted by colourcube
    Also how do I generate the encrypted username and password using the encrypter.php.
    You just type the username/password in and hit submit. It will show you the generated username/password on the page. If you can't get it to work, us this: http://www.infinitypages.com/scripts/encrypter.php

  6. #6
    Join Date
    May 2003
    Posts
    13

    Talking

    thanks pyro. youre the best

  7. #7
    Join Date
    Apr 2003
    Location
    Canyon Country, CA
    Posts
    734

    one problem...

    What if I don't have .php support?...what do I do then?...and I DON'T want the username function
    Last edited by neenach2002; 07-24-2003 at 10:48 PM.

  8. #8
    Join Date
    Dec 2002
    Location
    High on life
    Posts
    10,104
    You pick some other serverside language...

  9. #9
    Join Date
    Apr 2003
    Location
    Canyon Country, CA
    Posts
    734
    what about getting rid of the username...sorry...i'm not yet familiar with PHP coding yet...

  10. #10
    Join Date
    Apr 2003
    Location
    Canyon Country, CA
    Posts
    734
    nevermind about the username thing...I can just make it so that it is on the page...or maybe there is a way to put the username into the box automatically?

  11. #11
    Join Date
    Apr 2003
    Location
    Canyon Country, CA
    Posts
    734
    now...I just need to figure out how to get the redirect script to work...or maybe I can use a cookie? thanx for the great help!

  12. #12
    Join Date
    Jul 2003
    Posts
    41

    hhmmm.....

    hey pyro, all that script seems to work, sort of, but...

    i create a username and password using the makepass.php, then with the code it gives me, i put that into passwordreader.php. now when i got to my index page and type in the username and password [not the massive line of code, just like the words i chose] it goes to the page i want it to [encript.php that kinda thing] but says 'access denied'. i know it works cos if i just type any old password it says 'incorrect password' so the passwordreader it recognising that ive typed the right password, but it wont let me view the page, its just like typing in the address '...ltd.uk/encript.php'. somehow the browser needs to sort of unlock the encript.php so i can see the page normally but know that ive typed the correct password. i think it might be something to do with this bit in the passwordreader.php...
    '...{
    setcookie ("verified", true);
    header ("Location:encript.php"); ***<-- this bit***
    }
    else....'

    im not sure tho
    also when u say 'it goes at the very top of the pages' do u mean like this...

    so this is the encript.php
    '<? include_once("protect.php"); ?>


    <html>
    <head>
    <title>User Area</title>
    <style>....'


    thanks for any help

  13. #13
    Join Date
    Dec 2002
    Location
    High on life
    Posts
    10,104
    It sounds like you did everything right. Do you have cookies enabled? Can you post a link so I can check if it works for me?

  14. #14
    Join Date
    Jul 2003
    Posts
    41
    the page is http://leto.ltd.uk/index2.html the form is at the bottom. the password n stuff i made from makepass.php is
    username: greg
    password: test

    it goes to the leto.ltd.uk/encript.php but just says access denied...

    cheers

    if its any help, here are my phps...

    protect.php
    <?PHP

    # Protect page from being called directly from web browser
    $back = "<form><input type='button' value='< Back' onclick='history.back()'></form>";
    $acc_denied = "<h3>Access Denied</h3>".$back; # you could add a link to where users can login here...
    if (!isset($verified)) { die($acc_denied); }
    if (!$verified) { die($acc_denied); }

    ?>

    passwrodreader.php
    <?PHP

    # Change the below lines to the results that makepass.php gave you
    #
    $user = 'ea26b0075d29530c636d6791bb5d73f4';
    $pass = '098f6bcd4621d373cade4e832627b4f6'; ***this is the code by typing 'greg' and 'test' into makepass.php
    #
    # Change the above lines to the results that makepass.php gave you

    if(md5($_POST['username']) == $user && md5($_POST['password']) == $pass)
    {
    setcookie ("verified", true);
    header ("Location:encript.php");
    }
    else
    {
    echo ("Incorrect Password");
    }
    ?>


    makepass.php
    <?PHP
    if ($_POST['showvalues'])
    {
    echo 'User: ' . md5($_POST['username']);
    echo '<br>Password: ' . md5($_POST['password']);
    }
    ?>

    <form method="post" action="makepass.php">
    <table>
    <tr><td><b class=rng>Username:</b></td><td>&nbsp;</td><td><input type="text" name="username"></td></tr>
    <tr><td><b class=rng>Password:</b></td><td>&nbsp;</td><td><input type="text" name="password"></td></tr>
    <tr><td colspan="3" align="center"><input type="submit" value=" Submit " name="showvalues"></td></tr>
    </table>
    </form>



    encript.php [this is just normal html but with that line at the top..
    <? include_once("protect.php"); ?>
    <html>
    <head>
    <title>User Area</title>
    <style>
    td{
    font-family:arial;
    font-size:9pt;......

  15. #15
    Join Date
    Jul 2003
    Posts
    121
    well i have another problem with this... it seems when i enter thhe correct password it brings me to the access deided page i havent changed anything in that code but do you think changing the other code affects this one?

    protect.php
    PHP Code:
    <?PHP

    # Protect page from being called directly from web browser
    $back  "<form><input type='button' value='< Back' onclick='history.back()'></form>";
    $acc_denied "<h3>Access Denied</h3>".$back# you could add a link to where users can login here...
    if (!isset($verified)) { die($acc_denied); }
    if (!
    $verified) { die($acc_denied); }

    ?>

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles