Password protected page using mysql?

iBuddy

I been trying to find a good site to get a password protected site which reads the user name and password from a mysql database. However i had one working and when the page properly appeared it wouldnt allow me to update or add or edit on that page....someone said it was due to a session error.

I dont want them to be redirected to a page...because then if that page that they get redirected to is bookmakred they can just easily click that link and bypass the password page.

scoppc

If that is the case, then you should as well password protect each protected page. What I mean is, you should check for either cookies or sessions that you set after successful login. 🙂

greg252

Not the most secure way to password protect. Most secure is .htaccess.
But...
What you can do is create a page with an

if(!$submit)

Form
After the submit, it checks the db for user and pass, if it exists, include a page from outside the web root, if not, redirect to error page. This way, the edit page is only accessable via the form-- also, should hide vars with the include.

Got it?

iBuddy

Well im lost....but i think what i just need is a javascript box to pop up that displays username and password and stays on that page...if i redirect them they can just bookmark that redirect page and bypass the password everytime. I think javascript box would be better for right now. any ideas on how to code that?

scoppc

Client side authentication, as far as I concern, requires you to include the username and password inside the file itself. So, user will be able to see it.

This is obviously not reliable if you wanna implement higher security.

I would highly recommend u to use cookies or session for this. .htaccess is also another alternative. 🙂

If you insist to use Javascript, please visit javascript forum for details coz I believe that we handle PHP better than javascript here. Good luck!

iBuddy

ya i would really like to use cookies..thats what i was intending on doing however im clueless about cookies u got a script handy that can help me?