<body><div align="center">
<?php
if (!isset($password)){
?><form action="<?php $_SERVER['PHP_SELF']; ?>" method="post">
type password here <input name="password" type="text" size="8"> then
<input name="submit" type="submit">
</form>
<?php
die;
}
if ($password != "secretword" ){
echo "wrong";
?>
<form action="<?php $_SERVER['PHP_SELF']; ?>" method="post">
type password here <input name="password" type="text" size="8"> then
<input name="submit" type="submit">
</form>
<?php
die;
}
?>
// rest of admin script follows...
and yes, I realize anyone with access to the users' computer could probly
get in, but I'm not worried about that.
I looked for a way to use .htacess to protect just this file, but couldn't
find anything.
found some other scripts out there that used the auth headers, but they
didn't work, I could never get past the login...
thanks for your time,
juglesh
7  2087 
In article <t9********************@comcast.com>,
"juglesh" <ju*****@nospamRadioKDUG.com> wrote: <body><div align="center">
<?php
if (!isset($password)){
?><form action="<?php $_SERVER['PHP_SELF']; ?>" method="post">
type password here <input name="password" type="text" size="8"> then
<input name="submit" type="submit">
</form>
<?php
die;
}
if ($password != "secretword" ){
echo "wrong";
?>
<form action="<?php $_SERVER['PHP_SELF']; ?>" method="post">
type password here <input name="password" type="text" size="8"> then
<input name="submit" type="submit">
</form>
<?php
die;
}
?>
// rest of admin script follows...
and yes, I realize anyone with access to the users' computer could probly
get in, but I'm not worried about that.
I looked for a way to use .htacess to protect just this file, but couldn't
find anything.
found some other scripts out there that used the auth headers, but they
didn't work, I could never get past the login...
thanks for your time,
juglesh
AFAIK, you can't password protect files unless you use something like
ZIP or STUFFIT with a password. Or just encrypt the file.
You can use the Apache .htaccess feature on directories. It al boils
down to the web page sending the correct headers to the browser. If you
setup .htaccess, Apache will do it. Or you can setup php to send the
authentication headers.
If all this is gobbledgook, hire someone.
--
DeeDee, don't press that button! DeeDee! NO! Dee...
"juglesh" <ju*****@nospamRadioKDUG.com> wrote in message
news:t9********************@comcast.com... <body><div align="center">
<?php
if (!isset($password)){
?><form action="<?php $_SERVER['PHP_SELF']; ?>" method="post">
type password here <input name="password" type="text" size="8"> then
<input name="submit" type="submit">
</form>
<?php
die;
}
if ($password != "secretword" ){
echo "wrong";
?>
<form action="<?php $_SERVER['PHP_SELF']; ?>" method="post">
type password here <input name="password" type="text" size="8"> then
<input name="submit" type="submit">
</form>
<?php
die;
}
?>
// rest of admin script follows...
and yes, I realize anyone with access to the users' computer could probly
get in, but I'm not worried about that.
I looked for a way to use .htacess to protect just this file, but couldn't
find anything.
found some other scripts out there that used the auth headers, but they
didn't work, I could never get past the login...
thanks for your time,
juglesh
Don't see why it wouldn't work. In fact, I've done something similiar in the
past.
"juglesh" <ju*****@nospamRadioKDUG.com> wrote in message
news:t9********************@comcast.com... <body><div align="center">
<?php
if (!isset($password)){
?><form action="<?php $_SERVER['PHP_SELF']; ?>" method="post">
type password here <input name="password" type="text" size="8"> then
<input name="submit" type="submit">
</form>
<?php
die;
}
if ($password != "secretword" ){
echo "wrong";
?>
<form action="<?php $_SERVER['PHP_SELF']; ?>" method="post">
type password here <input name="password" type="text" size="8"> then
<input name="submit" type="submit">
</form>
<?php
die;
}
?>
// rest of admin script follows...
and yes, I realize anyone with access to the users' computer could probly
get in, but I'm not worried about that.
I looked for a way to use .htacess to protect just this file, but couldn't
find anything.
found some other scripts out there that used the auth headers, but they
didn't work, I could never get past the login...
thanks for your time,
juglesh
I presume you have
$password = $_POST['password'];
at the top of your page ?
--
---------------------------------------------------------------------------- http://www.clickonlingerie.com?SIG - Exotic Erotic Lingerie
----------------------------------------------------------------------------
"MS" <Sp************************@hotmail.com> wrote in message
news:cv**********@titan.btinternet.com...
"juglesh" <ju*****@nospamRadioKDUG.com> wrote in message
news:t9********************@comcast.com... <body><div align="center">
<?php
if (!isset($password)){
?><form action="<?php $_SERVER['PHP_SELF']; ?>" method="post">
type password here <input name="password" type="text" size="8">
then
<input name="submit" type="submit">
</form>
<?php
die;
}
if ($password != "secretword" ){
echo "wrong";
?>
<form action="<?php $_SERVER['PHP_SELF']; ?>" method="post">
type password here <input name="password" type="text" size="8">
then
<input name="submit" type="submit">
</form>
<?php
die;
}
?>
// rest of admin script follows...
and yes, I realize anyone with access to the users' computer could probly
get in, but I'm not worried about that.
I looked for a way to use .htacess to protect just this file, but
couldn't
find anything.
found some other scripts out there that used the auth headers, but they
didn't work, I could never get past the login...
thanks for your time,
juglesh
I presume you have
$password = $_POST['password'];
at the top of your page ?
no, and that reminds me of another question.
But first, would I need that for password protection? an intruder could put
the password in the query string, but he'd still have to know the password.
yeah, on that $_POST['password']; thing, its working fine without it, and
for that matter, I don't usually have to use $_GET either, my scripts
usually can 'get' the variable from the query string automagically. I just
use the variable that I have sent. what's up with that?
juglesh I presume you have
$password = $_POST['password'];
at the top of your page ?
no, and that reminds me of another question.
But first, would I need that for password protection? an intruder could
put the password in the query string, but he'd still have to know the
password.
yeah, on that $_POST['password']; thing, its working fine without it, and
for that matter, I don't usually have to use $_GET either, my scripts
usually can 'get' the variable from the query string automagically. I
just use the variable that I have sent. what's up with that?
juglesh
Im not sure about the automagically assigning values to variables
If you make your form POST instead of GET the passed variables of the form
are not visible within the URL
In which case you would use
$password = $_POST['password'];
to retrieve the passed value of password
If you use GET in your form the values are visible within the URL and you
would use
$password = $_GET['password'];
to retrieve the passed value of password
--
---------------------------------------------------------------------------- http://www.clickonlingerie.com?SIG - Exotic Erotic Lingerie
----------------------------------------------------------------------------
"MS" <Sp************************@hotmail.com> wrote in message
news:cv**********@titan.btinternet.com... > I presume you have
>
> $password = $_POST['password'];
>
> at the top of your page ?
no, and that reminds me of another question.
But first, would I need that for password protection? an intruder could
put the password in the query string, but he'd still have to know the
password.
yeah, on that $_POST['password']; thing, its working fine without it, and
for that matter, I don't usually have to use $_GET either, my scripts
usually can 'get' the variable from the query string automagically. I
just use the variable that I have sent. what's up with that?
juglesh
Im not sure about the automagically assigning values to variables
If you make your form POST instead of GET the passed variables of the form
are not visible within the URL
In which case you would use
$password = $_POST['password'];
to retrieve the passed value of password
If you use GET in your form the values are visible within the URL and you
would use
$password = $_GET['password'];
to retrieve the passed value of password
well, yeah, I know all about that (and I am using obviously post in my
password form), what I'm saying is it works without $_POST['password']. the
script above is exactly what I'm using, from the top. yeah, I just tested
it, if I put "?password=secretword" in the address bar, I am 'logged in'.
So, I'm wondering if there's some special circumstances where you need to
use $_POST[] and $_GET[] to get those values. Maybe older versions of php?
--
juglesh
.oO(juglesh) well, yeah, I know all about that (and I am using obviously post in my
password form), what I'm saying is it works without $_POST['password']. the
script above is exactly what I'm using, from the top. yeah, I just tested
it, if I put "?password=secretword" in the address bar, I am 'logged in'.
So, I'm wondering if there's some special circumstances where you need to
use $_POST[] and $_GET[] to get those values. Maybe older versions of php?
Not older, but newer versions, where register_globals is disabled by
default. Using $_POST, $_GET etc. is the correct and recommended way.
Micha This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: WindAndWaves |
last post by:
Hi Gurus
Is there a way you can password protect a particular function/action on a page?
What I basically want to do is to have a page and if people click on a button that they are able to edit...
|
by: Lou |
last post by:
Please can someone put me out my misery!
Im trying to find a multiple user/password protection script that will
redirect the specific user to a specific directory.
At the moment I have set up...
|
by: Geert-Pieter Hof |
last post by:
Hello,
My VB 6.0 application read and writes data from and to a MS Excel workbook,
using the Microsoft.Jet.OLEDB.4.0 provider.
Now I want to protect the Excel workbook with a password, but I...
|
by: Max |
last post by:
Hello all,
I am trying to protect a page within my site with a JS password
scheme.
Now I know JS can be quite easily "circumvented", but I came by a code
below.
My question is:
1. Is there...
|
by: Borked Pseudo Mailed |
last post by:
Seeking feedback on Password Protection via Java/JavaScript ONLY (no cgi):
SEE:
http://online_tools.home.att.net/tools.html
*AND*
http://online_tools.home.att.net/extraCode.htm
Thanks.
|
by: Miro |
last post by:
Why Password protect an MDB when someone can google and get a hack?
Wondering if anyone else has thought of this and just said "oh well"...
I plan to password protect an MDB where I have some...
|
by: btopenworld |
last post by:
Hi
I have been using two forms of password protection:
A) On working web sites I use an ASP script that is included in every page
requiring protection: uses session - works fine
B) On...
|
by: teejayem |
last post by:
Hi,
I am new to programming with databases and was wanting some help.
Is there any way to password protect an access database and access
sent sql commands to it via vb.net code?
Any help...
|
by: anco85 |
last post by:
Hi. Im a total access and VB noob and require your much appreciated help.
I have a table that list all the vehicles in our company.
I created a form to view this information much easier with a...
|
by: erikbower65 |
last post by:
Using CodiumAI's pr-agent is simple and powerful. Follow these steps:
1. Install CodiumAI CLI: Ensure Node.js is installed, then run 'npm install -g codiumai' in the terminal.
2. Connect to...
|
by: erikbower65 |
last post by:
Here's a concise step-by-step guide for manually installing IntelliJ IDEA:
1. Download: Visit the official JetBrains website and download the IntelliJ IDEA Community or Ultimate edition based on...
|
by: Taofi |
last post by:
I try to insert a new record but the error message says the number of query names and destination fields are not the same
This are my field names
ID, Budgeted, Actual, Status and Differences
...
|
by: DJRhino1175 |
last post by:
When I run this code I get an error, its Run-time error# 424 Object required...This is my first attempt at doing something like this. I test the entire code and it worked until I added this -
If...
|
by: Rina0 |
last post by:
I am looking for a Python code to find the longest common subsequence of two strings. I found this blog post that describes the length of longest common subsequence problem and provides a solution in...
|
by: DJRhino |
last post by:
Private Sub CboDrawingID_BeforeUpdate(Cancel As Integer)
If = 310029923 Or 310030138 Or 310030152 Or 310030346 Or 310030348 Or _
310030356 Or 310030359 Or 310030362 Or...
|
by: lllomh |
last post by:
How does React native implement an English player?
|
by: Mushico |
last post by:
How to calculate date of retirement from date of birth
|
by: DJRhino |
last post by:
Was curious if anyone else was having this same issue or not....
I was just Up/Down graded to windows 11 and now my access combo boxes are not acting right. With win 10 I could start typing...
| |
