Netwrkengeer
IS-IT--Management
I have a password protection script, but I don't know how to use it. I'm confused about how to protect a full section of the site, how does the script know what web pages are associated with that particular session. and how do I set this script up to access a mysql database to get authentication info.
<code>
<?php
// --------------------------------------------------------------------------------
// Topic: Authentication using cookies and filebased password/login list
// Author: Copyright (c) by Urs Gehrig <admin@circle.ch>
// Version: 1.0.0
// Update: 19-7-2000
// Licence: ?
// PHP: php-4.0.0-win32
// Browser: IE 5, Netscape 4.7
//
// Handling: This might be your startup index.php file, where you check the
// users.
//
// Enjoy!
// --------------------------------------------------------------------------------
// --------------------------------------------------------------------------------
// functions
// --------------------------------------------------------------------------------
function redirect($cmd){
?>
<SCRIPT language=JavaScript>
window.location.href="<?php echo $cmd; ?>";
</SCRIPT>
<?php
}
// --------------------------------------------------------------------------------
// main
// --------------------------------------------------------------------------------
$header = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML><HEAD><TITLE>login form</TITLE><link rel="stylesheet" href="style.php"></HEAD><BODY>';
$footer = '</BODY></HTML>';
if (!isset($login) and !isset($passwd) and !$valid):
echo $header;
?>
<form method="post" action="<?php echo basename($PHP_SELF); ?>" name=loginform>
login: <input type="text" name="login" maxlength=50 size=10 style="width: 90px; font-size: 10px">
password: <input type="password" name="passwd" maxlength=50 size=10 style="width: 90px; font-size: 10px">
<input type=submit value="login" name="sent" style="width: 30px; heigth: 18px; font-size: 10px">
</form>
<script language=JavaScript>
<!--
if (document.loginform) {
document.loginform.login.focus();
}
// -->
</script>
<?php
echo $footer;
elseif(isset($sent)):
$login_ok = 0;
$fp = fopen("password.txt", "r"
while (feof($fp) == 0):
$line = chop(fgets($fp,1000));
$arr = split(",", $line);
if (($arr[0] == $login) and ($arr[1] == $passwd)):
$login_ok = 1;
$cookie_life = 1*24*3600; // cookie lifetime in seconds (e.g. here: 1 day)
setcookie("valid",$login_ok,time()+$cookie_life);
continue;
endif;
endwhile;
if($login_ok):
redirect("your_next_file.txt" // for first-time users
else:
?>
You better choose a valid login/password! <a href="<?php echo basename($PHP_SELF); ?>">Try again</a>
<?php
endif;
endif;
if($valid and !$sent) redirect("your_next_file.txt" // for continued use during cookie lifetime
?>
</Code>
<code>
<?php
// --------------------------------------------------------------------------------
// Topic: Authentication using cookies and filebased password/login list
// Author: Copyright (c) by Urs Gehrig <admin@circle.ch>
// Version: 1.0.0
// Update: 19-7-2000
// Licence: ?
// PHP: php-4.0.0-win32
// Browser: IE 5, Netscape 4.7
//
// Handling: This might be your startup index.php file, where you check the
// users.
//
// Enjoy!
// --------------------------------------------------------------------------------
// --------------------------------------------------------------------------------
// functions
// --------------------------------------------------------------------------------
function redirect($cmd){
?>
<SCRIPT language=JavaScript>
window.location.href="<?php echo $cmd; ?>";
</SCRIPT>
<?php
}
// --------------------------------------------------------------------------------
// main
// --------------------------------------------------------------------------------
$header = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML><HEAD><TITLE>login form</TITLE><link rel="stylesheet" href="style.php"></HEAD><BODY>';
$footer = '</BODY></HTML>';
if (!isset($login) and !isset($passwd) and !$valid):
echo $header;
?>
<form method="post" action="<?php echo basename($PHP_SELF); ?>" name=loginform>
login: <input type="text" name="login" maxlength=50 size=10 style="width: 90px; font-size: 10px">
password: <input type="password" name="passwd" maxlength=50 size=10 style="width: 90px; font-size: 10px">
<input type=submit value="login" name="sent" style="width: 30px; heigth: 18px; font-size: 10px">
</form>
<script language=JavaScript>
<!--
if (document.loginform) {
document.loginform.login.focus();
}
// -->
</script>
<?php
echo $footer;
elseif(isset($sent)):
$login_ok = 0;
$fp = fopen("password.txt", "r"
while (feof($fp) == 0):
$line = chop(fgets($fp,1000));
$arr = split(",", $line);
if (($arr[0] == $login) and ($arr[1] == $passwd)):
$login_ok = 1;
$cookie_life = 1*24*3600; // cookie lifetime in seconds (e.g. here: 1 day)
setcookie("valid",$login_ok,time()+$cookie_life);
continue;
endif;
endwhile;
if($login_ok):
redirect("your_next_file.txt" // for first-time users
else:
?>
You better choose a valid login/password! <a href="<?php echo basename($PHP_SELF); ?>">Try again</a>
<?php
endif;
endif;
if($valid and !$sent) redirect("your_next_file.txt" // for continued use during cookie lifetime
?>
</Code>