Password Protection With PHP
|
| |
Home | About Us | Computer & Internet
|
|
|
Now, remember how we personalized a page for your visitor? This works fine, but what do we do
if they didn't use that special link, and just went to the page?
What I'm saying is, if your special personalized page was at
http://www.your.host/sales.php/f=Oscar/l=Grouch
but your visitor only went to
http://www.your.host/sales.php.
Instead of the name there would just be a blank spot! Last chapter I forgot to cover this.
All we have to do to fix it is to tell PHP that if they didn't leave a name, to substitute one in for
them. So let's say that if they left their first name blank to make their first name "Friend". This
way instead of saying "Dear Oscar:" it would say "Dear Friend:".
Put the following line of code JUST ABOVE THE LINE that says something similar to:
echo "$f $l" : if ($f == "") { $f = "Friend"; }
That way, you can use your special personalized page as a normal page and no one will be the
wiser.
Password protection is something you need every once in a while. Whether it's a secret site
you're running or just the control panel of your favorite script.
Sometimes you don't need a fancy solution like .htaccess if you're only worrying about a single
user (you). But JavaScript passwords can be worked around, and HTML-based passwords based
on cookies, written in PHP are complicated and take time to write. Htaccess is nice but it's a pain
if you just want to use it for one person.
Here is a simple way to use HTTP authentication (the same you see used by htaccess) with just a
few lines of code. Below are the sample contents of a file you can use.
<?PHP
$myusername = "myusername";
$mypassword = "mypassword";
$areaname = "My Protected Area";
if ($PHP_AUTH_USER == "" || $PHP_AUTH_PW == "" ||
$PHP_AUTH_USER != $myusername || $PHP_AUTH_PW != $mypassword) {
header("HTTP/1.0 401 Unauthorized");
header("WWW-Authenticate: Basic realm=\"$areaname\"");
echo "<h1>Authorization Required.</h1>";
die();
}
?>
my main text.
* The function die(); I've placed below it tells PHP to stop everything immediately. I do this out of
habit (and you should too) because it makes sure that once you've done the redirect, nothing
else gets sent. Which is what we call "a good thing".
Last chapter we learned that PHP code can be integrated into your HTML. All you have to do is
make sure the file ends in .PHP (for example, "firehydrant.php") and it will work. Everything that
comes in between this:
Is treated as PHP code. Everything outside of those tags is treated as plain HTML.
When copying this code over be SURE to include that last line where it says "my main text." Note
that "my main text" is located outside of the PHP code brackets. This means that where you see
"my main text" can be your normal HTML file!
Take all of this code and Upload the script onto your web server and run it in the browser. You
should be greeted by a password popup box similar to those you see with htaccess. Enter
"myusername" as the username and "mypassword" as the password. You should be given a
page that says "my main text" and nothing else.
Close your browser window (this is very important) and go back to that page. Try entering the
wrong info. The box will come up again. You have three tries and then are given that dreadful
"Authorization Required" message.
If you want to take the next step, go back to your code and change "myusername" and
"mypassword" to a username and password of your choice.
Upload it back to your web server and try again. Now go to that page again and you'll see that
you can only be let in using the username and password you chose for yourself.
Now change the part that says "My Protected Area" to something else, say "John Calder's Bar
and Grill." Upload and try it. You'll see when that password box comes up under "Realm" it'll say
"John Calder's Bar and Grill." You can change this to whatever you like.
But what if you want to password protect just a handful of files? Do you have to copy and paste
this code onto PHP script after PHP script?
Hell no!
Take the code you just modified and take the last line out of it. You know, the one that said "my
main text." All you should have in there now is everything in between the PHP brackets (<?PHP
and ?>).
Save this file as "auth.php". You can rename this later, on your own time.
Make a new file called "test.php" or just rename a normal HTML to this name. It doesn't matter.
At the very top of test.php (the VERY top, meaning the first line) copy and paste this line of code:
<?PHP include("auth.php"); ?>
Upload auth.php and test.php to your web server and run test.php. Make sure both files are
placed in the same folder. Now, try to go to test.php in your web browser. You'll see that you
can't get to test.php without the right username and password. You can do this to any file with a
".PHP" extension just by adding that one line of code.
The catch to it is that this line of code has to be at the very top of the file. On the very first line.
The reason for this is that when the script asks for a person's username and password, these
are sent using HTTP headers and *must* come before anything else.
Of course, this doesn't take care of your secret sites or private members' areas, where you have
to deal with several logins, but that's what htaccess is for. While we're on the subject of
includes, one last thing before we finish up.
Includes are basically a way of absorbing other files into your script. As you saw when we
included auth.php, the script read everything that was in auth.php and used it as if the contents
of that file were actually there. This works with not only PHP scripts but also with other files as
well.
Make a new file called "header.html". Put anything you want in it, but I just put "This is my
header<br>" when I did it.
Make a second file called "footer.html". Again, go again and put anything you want in it, but I just
put "This is my footer<br>" in.
Make a third file called "main.php". Copy the following into it.
<?PHP include("header.html"); ?>
This is my main page<br>
<?PHP include("footer.html"); ?>
Upload all three into the same folder and run main.php. You should see the following:
This is my header
This is my main page
This is my footer
This is just a basic example of how includes can be used. But if you have a web site with several
pages and the same layout... wouldn't it be easier just to put everything above your main text in
header.html and everything below that main text in footer.html? That way if you change your
design you only have to edit 2 files instead of 100 or 200? You'd think.
Assignment:
Look up the include() function at PHP.net. Find out the difference between include(),
include_once(), require(), and require_once().
QUIZ
1. You have a file called "test.html". Your file contains this code:
<?PHP echo "<b>hey friend</b>"; ?>
What will be the resulting HTML? Meaning, what will you see in the browser (not in the source
code):
A: The phrase "hey friend" in bold
B: The phrase "hey friend"
C: The phrase "hey friend" and then a line break
D: I won't see anything because the filename doesn't end in ".PHP"
2. Let's say you wanted to include the file "hello.txt" in your script. How would you do this?
A: include("hello.txt");
B: include=hello.txt
C: #include <hello.txt>
D: It's impossible.
3. In one of the code snippets in this article, I made use of the die() function. What do you think
this means? (Feel free to look it up at php.net if you don't know.)
A: Causes the entire server to shut down.
B: Reduces the heartbeat of the user to 0 beats per minute.
C: Causes the script to give up right there and then.
D: No one really knows what it does for sure.
4. True or false: For HTTP authentication to work, the "realm" *must* be set to "John Calder's
Bar and Grill".
5. True or false: HTACCESS uses HTTP authentication.
|
|
To peek at the answer, place your mouse over
the Queen with Questions on the right
|
|
|
|
![1.[D] 2.[A] 3.[C] 4.[B] 5.[A]](../../../images/queen_with_question_ty_wht.gif) |
|
|
|
|
However, please try to work out your answers first before peeking at the answers because you
will learn a lot better this way.
|
| |
Here is the list of lessons you can learn from the book Simple PHP:
Chapter 1 Site Personalization With PHP
Chapter 2 Password Protection With PHP
Chapter 3 Autoresponders With PHP
Chapter 4 More Autoresponders With PHP
Chapter 5 JavaScript Fun With PHP
Chapter 6 More JavaScript Fun With PHP
Chapter 7 Basic Arrays and PHP
Chapter 8 File Handling With PHP
Chapter 9 Anything of the Day With PHP
Chapter 10 Affiliate Script With PHP
Chapter 11 Our Knowledge With PHP
Chapter 12 Cookie Fun With PHP
Chapter 13 Comparison With PHP
Chapter 14 Loops With PHP
Chapter 15 A Calendar With PHP
Chapter 16 Functions With PHP
Chapter 17 Saving With PHP
|
Each chapter uses intuitive, interactive instruction, closing with an assignment to complete before
progressing to the next chapter.
As if that wasn't enough, you also get to take a quiz after each lesson and grade it yourself. You
will learn why PHP is the preferred choice by programming professionals.
Ever wonder how come your name shows up peppered throughout a sales page or html email?
Simple PHP teaches you how to do that.
What about protecting your content with password protection? Or an up to the minute calendar?
Learn how to create your own simple Autoresponder program.
How about this: Have you ever wished you could have one of those neat "Joke of the Day" or
"Quote of the Day" features that you see on so many sites? Well, now you can and you'll be
amazed at just how simple it is with Simple PHP.
Learning to use Simple PHP on your web site will save you tons of cash in the long run. The
conversational tone of the lessons is shear brilliance. These lessons are written just as if you
have a tutor sitting right next you, guiding you all the way through.
Having a copy of Simple PHP in your arsenal of tools is a "no-brainer." Just one of the scripts he
provides will save you way more than the few dollars you are about to spend to buy your own
copy of Simple PHP.
|
|
|
| |
This book retails for $17. However, I will make you a very special offer - you get the following 4
books absolutely free!
|
| |
 |
|
You hear the horror stories every day. Crashes, viruses, worms, trojans -
where will it end?
Unless you take care of your computer it will end in easily rendering your
pc completely useless!
A very expensive lesson to learn!
The alternative is to prepare yourself and insure that you know exactly
how to protect yourself from vicious attacks.
The Last Word on eBay. In fact it is alive and kicking and making more
and more people wealthy every day. Do you wish you were one of them?
Well, you can be if you're not afraid to get all the answers
you will EVER need about eBay and making money.
This is NOT just another "pretty eBay face" wrapped up real nice.
Everything you ever wanted to know about eBay is presented with no
holds barred. Discover the reason why your first experience with eBay
may have been a real embarrassing tragedy.
It truly is possible to make money using the eBay model. But, you've egot
to get started the right way.
Learn how to get an online life. If you are brand new or a disappointed
former newbie, you need to read this message very carefully.
If you are (or can remember when you were) someone who is
consumed with a desire to have a business on the Internet,
that can still become a reality for you.
It's so easy to get frustrated when you first come online with
the intention of building a business. Usually, the first thing you come to
realize is that if you are to succeed the first order of business is a
website.
Maybe you've even joined one of those programs that promises to
provide everything for you. You hop on the bandwagon and before you
know it, you've spent hours and dollars building and promoting the
program owners dreams.
You discover that you are spending your hard-earned cash promoting a
website that is exactly like thousands of others!
Learning how to build your own is the only sure fire answer to building
an online business of your own.
Traffic Secrets: Please, don't be misled by the subject! This is not
another redo of the same old information from some cookie cutter
wannabe guru who is spouting rehashed information. Nope, this is
priceless info from a regular guy just like us.
After spending way too much money on countless numbers of courses he
decided enough is enough! His expensive journey allowed him to
develop a no holds barred SIMPLE explanation of the ins and outs of
search engine traffic.
All those expensive courses are totally worthless if you can't understand
them! Well, it really CAN be explained. If you have tried to muddle your
way through all that stuff you are in the right place.
Everything is written in easy to understand terms and you'll wish he had
written this earlier! Don't waste another minute. You need to discover
just how simple search engine optimization can be.
|
|
 |
|
|
|
 |
|
|
 |
|
|
|
Yes, you get all these 5 books for only $17.
Simple PHP
+
Ezy Internet Safety Guide
+
Starting Right with eBay
+
Make Your Own Web Site
+
Search Engine Traffic Secrets
|
| |
|
|
|
|
Immediate download
|
|
|
|
|
|
$17 only for all 5 books
|
|
|
|
|
|
 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
 |
|
|
100% Money Back Guarantee within 8 Weeks
|
|
| |
Your purchase through PayPal is fully secure.
Your purchase is also fully guaranteed.
If within the next 8 weeks you are not satisfied with your purchase, you can get full refund of
your purchase.
Whatever your decision, you can still keep all the 5 books.
With this iron-clad guarantee, you have everything to gain and nothing to lose.
Go ahead and click on the PayPal Buy button.
You will be glad you did - guaranteed.
|
| |
|
|
|
|
Immediate download
|
|
|
|
|
|
$17 only for all 5 books
|
|
|
|
|
| |
Brought to you by Jacob Gan, PhD (Michigan)
|
|
