<body><div align="center">
<?php
if (!isset($passwo rd)){
?><form action="<?php $_SERVER['PHP_SELF']; ?>" method="post">
type password here <inpu t name="password" type="text" size="8"> then
<input name="submit" type="submit">
</form>
<?php
die;
}
if ($password != "secretword " ){
echo "wrong";
?>
<form action="<?php $_SERVER['PHP_SELF']; ?>" method="post">
type password here <inpu t name="password" type="text" size="8"> then
<input name="submit" type="submit">
</form>
<?php
die;
}
?>
// rest of admin script follows...
and yes, I realize anyone with access to the users' computer could probly
get in, but I'm not worried about that.
I looked for a way to use .htacess to protect just this file, but couldn't
find anything.
found some other scripts out there that used the auth headers, but they
didn't work, I could never get past the login...
thanks for your time,
juglesh 7 2148
In article <t9************ ********@comcas t.com>,
"juglesh" <ju*****@nospam RadioKDUG.com> wrote: <body><div align="center"> <?php if (!isset($passwo rd)){ ?><form action="<?php $_SERVER['PHP_SELF']; ?>" method="post"> type password here <inpu t name="password" type="text" size="8"> then <input name="submit" type="submit"> </form> <?php die; } if ($password != "secretword " ){ echo "wrong"; ?> <form action="<?php $_SERVER['PHP_SELF']; ?>" method="post"> type password here <inpu t name="password" type="text" size="8"> then <input name="submit" type="submit"> </form> <?php die; } ?> // rest of admin script follows...
and yes, I realize anyone with access to the users' computer could probly get in, but I'm not worried about that.
I looked for a way to use .htacess to protect just this file, but couldn't find anything.
found some other scripts out there that used the auth headers, but they didn't work, I could never get past the login...
thanks for your time, juglesh
AFAIK, you can't password protect files unless you use something like
ZIP or STUFFIT with a password. Or just encrypt the file.
You can use the Apache .htaccess feature on directories. It al boils
down to the web page sending the correct headers to the browser. If you
setup .htaccess, Apache will do it. Or you can setup php to send the
authentication headers.
If all this is gobbledgook, hire someone.
--
DeeDee, don't press that button! DeeDee! NO! Dee...
"juglesh" <ju*****@nospam RadioKDUG.com> wrote in message
news:t9******** ************@co mcast.com... <body><div align="center"> <?php if (!isset($passwo rd)){ ?><form action="<?php $_SERVER['PHP_SELF']; ?>" method="post"> type password here <inpu t name="password" type="text" size="8"> then <input name="submit" type="submit"> </form> <?php die; } if ($password != "secretword " ){ echo "wrong"; ?> <form action="<?php $_SERVER['PHP_SELF']; ?>" method="post"> type password here <inpu t name="password" type="text" size="8"> then <input name="submit" type="submit"> </form> <?php die; } ?> // rest of admin script follows...
and yes, I realize anyone with access to the users' computer could probly get in, but I'm not worried about that.
I looked for a way to use .htacess to protect just this file, but couldn't find anything.
found some other scripts out there that used the auth headers, but they didn't work, I could never get past the login...
thanks for your time, juglesh
Don't see why it wouldn't work. In fact, I've done something similiar in the
past.
"juglesh" <ju*****@nospam RadioKDUG.com> wrote in message
news:t9******** ************@co mcast.com... <body><div align="center"> <?php if (!isset($passwo rd)){ ?><form action="<?php $_SERVER['PHP_SELF']; ?>" method="post"> type password here <inpu t name="password" type="text" size="8"> then <input name="submit" type="submit"> </form> <?php die; } if ($password != "secretword " ){ echo "wrong"; ?> <form action="<?php $_SERVER['PHP_SELF']; ?>" method="post"> type password here <inpu t name="password" type="text" size="8"> then <input name="submit" type="submit"> </form> <?php die; } ?> // rest of admin script follows...
and yes, I realize anyone with access to the users' computer could probly get in, but I'm not worried about that.
I looked for a way to use .htacess to protect just this file, but couldn't find anything.
found some other scripts out there that used the auth headers, but they didn't work, I could never get past the login...
thanks for your time, juglesh
I presume you have
$password = $_POST['password'];
at the top of your page ?
--
---------------------------------------------------------------------------- http://www.clickonlingerie.com?SIG - Exotic Erotic Lingerie
----------------------------------------------------------------------------
"MS" <Sp************ ************@ho tmail.com> wrote in message
news:cv******** **@titan.btinte rnet.com... "juglesh" <ju*****@nospam RadioKDUG.com> wrote in message news:t9******** ************@co mcast.com... <body><div align="center"> <?php if (!isset($passwo rd)){ ?><form action="<?php $_SERVER['PHP_SELF']; ?>" method="post"> type password here <inpu t name="password" type="text" size="8"> then <input name="submit" type="submit"> </form> <?php die; } if ($password != "secretword " ){ echo "wrong"; ?> <form action="<?php $_SERVER['PHP_SELF']; ?>" method="post"> type password here <inpu t name="password" type="text" size="8"> then <input name="submit" type="submit"> </form> <?php die; } ?> // rest of admin script follows...
and yes, I realize anyone with access to the users' computer could probly get in, but I'm not worried about that.
I looked for a way to use .htacess to protect just this file, but couldn't find anything.
found some other scripts out there that used the auth headers, but they didn't work, I could never get past the login...
thanks for your time, juglesh
I presume you have
$password = $_POST['password'];
at the top of your page ?
no, and that reminds me of another question.
But first, would I need that for password protection? an intruder could put
the password in the query string, but he'd still have to know the password.
yeah, on that $_POST['password']; thing, its working fine without it, and
for that matter, I don't usually have to use $_GET either, my scripts
usually can 'get' the variable from the query string automagically. I just
use the variable that I have sent. what's up with that?
juglesh I presume you have
$password = $_POST['password'];
at the top of your page ? no, and that reminds me of another question.
But first, would I need that for password protection? an intruder could
put the password in the query string, but he'd still have to know the
password. yeah, on that $_POST['password']; thing, its working fine without it, and for that matter, I don't usually have to use $_GET either, my scripts usually can 'get' the variable from the query string automagically. I
just use the variable that I have sent. what's up with that?
juglesh
Im not sure about the automagically assigning values to variables
If you make your form POST instead of GET the passed variables of the form
are not visible within the URL
In which case you would use
$password = $_POST['password'];
to retrieve the passed value of password
If you use GET in your form the values are visible within the URL and you
would use
$password = $_GET['password'];
to retrieve the passed value of password
--
---------------------------------------------------------------------------- http://www.clickonlingerie.com?SIG - Exotic Erotic Lingerie
----------------------------------------------------------------------------
"MS" <Sp************ ************@ho tmail.com> wrote in message
news:cv******** **@titan.btinte rnet.com... > I presume you have > > $password = $_POST['password']; > > at the top of your page ?
no, and that reminds me of another question.
But first, would I need that for password protection? an intruder could
put the password in the query string, but he'd still have to know the password. yeah, on that $_POST['password']; thing, its working fine without it, and for that matter, I don't usually have to use $_GET either, my scripts usually can 'get' the variable from the query string automagically. I
just use the variable that I have sent. what's up with that?
juglesh
Im not sure about the automagically assigning values to variables
If you make your form POST instead of GET the passed variables of the form are not visible within the URL
In which case you would use $password = $_POST['password']; to retrieve the passed value of password
If you use GET in your form the values are visible within the URL and you would use $password = $_GET['password']; to retrieve the passed value of password
well, yeah, I know all about that (and I am using obviously post in my
password form), what I'm saying is it works without $_POST['password']. the
script above is exactly what I'm using, from the top. yeah, I just tested
it, if I put "?password=secr etword" in the address bar, I am 'logged in'.
So, I'm wondering if there's some special circumstances where you need to
use $_POST[] and $_GET[] to get those values. Maybe older versions of php?
--
juglesh
.oO(juglesh) well, yeah, I know all about that (and I am using obviously post in my password form), what I'm saying is it works without $_POST['password']. the script above is exactly what I'm using, from the top. yeah, I just tested it, if I put "?password=secr etword" in the address bar, I am 'logged in'. So, I'm wondering if there's some special circumstances where you need to use $_POST[] and $_GET[] to get those values. Maybe older versions of php?
Not older, but newer versions, where register_global s is disabled by
default. Using $_POST, $_GET etc. is the correct and recommended way.
Micha This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: WindAndWaves |
last post by:
Hi Gurus
Is there a way you can password protect a particular function/action on a page?
What I basically want to do is to have a page and if people click on a button that they are able to edit parts of it.
Obviously I do not want everyone to be able to edit parts of the page, so I would like to prompt for a password so that only
qualifying users can continue...
So, what I have is a PHP script that outputs nice html with a link...
|
by: Lou |
last post by:
Please can someone put me out my misery!
Im trying to find a multiple user/password protection script that will
redirect the specific user to a specific directory.
At the moment I have set up htaccess which is fine but can only
protect one directory unless I put htaccess on each directory which I
think is a bit long winded, but is there any other way I can do this
with using only one password script?
Any info would be greatly...
|
by: Geert-Pieter Hof |
last post by:
Hello,
My VB 6.0 application read and writes data from and to a MS Excel workbook,
using the Microsoft.Jet.OLEDB.4.0 provider.
Now I want to protect the Excel workbook with a password, but I figured out
that it is not possible to open the workbook for data access with ADO
(http://support.microsoft.com/?KBID=211378).
Is there another way to use a password protected Excel workbook in my
|
by: Max |
last post by:
Hello all,
I am trying to protect a page within my site with a JS password
scheme.
Now I know JS can be quite easily "circumvented", but I came by a code
below.
My question is:
1. Is there a way to find a password for this script? How easily?
2. Is there a stronger scheme available in JS?
|
by: Borked Pseudo Mailed |
last post by:
Seeking feedback on Password Protection via Java/JavaScript ONLY (no cgi):
SEE:
http://online_tools.home.att.net/tools.html
*AND*
http://online_tools.home.att.net/extraCode.htm
Thanks.
| |
by: Miro |
last post by:
Why Password protect an MDB when someone can google and get a hack?
Wondering if anyone else has thought of this and just said "oh well"...
I plan to password protect an MDB where I have some system/program variables
and data.
But looking in google, there are plenty of programs a user can download to
hack and crack that password.
|
by: btopenworld |
last post by:
Hi
I have been using two forms of password protection:
A) On working web sites I use an ASP script that is included in every page
requiring protection: uses session - works fine
B) On quick test sites or temporary stuff I use the Windows Network
Authentication provided by my web host. A whole folder is protected at once
which is very convenient but it has a problem. If a user types the wrong
|
by: teejayem |
last post by:
Hi,
I am new to programming with databases and was wanting some help.
Is there any way to password protect an access database and access
sent sql commands to it via vb.net code?
Any help would be much appreciated.
Thanks in advanced.
|
by: anco85 |
last post by:
Hi. Im a total access and VB noob and require your much appreciated help.
I have a table that list all the vehicles in our company.
I created a form to view this information much easier with a combo box to select the record you are looking for. All this works wonderfull.
What I want to do now is create a command to delete a selected record. This aswell is easy enough.
What I need though, is some form of password protection to prevent...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
| |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |