Please Please help me password protect a page

muayjohn

Hello all,

I am in need of your help. I don't know anything about php, i'm okay with html, javascript and css, but have been told that if i want to password protect a page professionally i will need to use php. Please be gentle.

I need to get from page a.html to page b.html. On page a.html i just need a text box that will take in a password of my choosing and put the user through to page b.html. If the password is wrong then maybe have a little msg displayed. I know this would be easy with javascript but javascript isn't secure.

Any comments on this at all would be greatly appreciated. I have about 5 working days to do this but think i could stretch it to 7 should the something or other hit the fan.

Thank you all very much for any help or advice you can give.

John

Shrike

Assuming that you have PHP installed, you could use a little PHP code for simple security.

On page1.html you would create an HTML form with the form action pointing at page2.php (note the .php extension) . In page2.php you will check that the correct password was sent from the form in page1.html.

$password = "mysecretpassword";
if( !isset( $_POST['password'] ) || $_POST['password'] != $password ))
{
  header( 'Location: /page1.html' );
}

The above code first checks wether the special PHP variable $_POST contains an index 'password', and if it does checks whether it matches the variable $password. If either test fails it uses the header() function to redirect the user back to page1.html. If the tests pass then you can display the contents of page2.php.

This is very limited because the user will have to go to page1.html each time they want to see page2.php. Also if you introduce a second secure page, page3.php, the current setup is not able to protect that page. One way to abstract the page security, or authentication, away from page content is to use a PHP session. I'll explain if the above part makes sense.

HTH

djalecc

Shrike is quite correct here (hello shrike, hows things? 🙂 ), however IF you have access to cPanel, you can password protect the DIRECTORY that b.html is in...

So, on page a.html you link to page b.htm, but page b.html is in the DIR called 'secure', so the link would look like this...

http://www.your-domain.com/secure/b.html

Now in cPanel use the 'Password protect Directories' feature, click on the DIR Secure and add a username and a password. When the page re-freshes, tick the box to make it secure.

Now when you try to access www.your-domain.com/secure/ it pops up the Password Enter Box (like it does when you try to enter cPanel) which I think is much more 'professional looking' than any script in .php or any other code.

Its also VERY secure!

😃