Menu
Hey, nooby here ?
I am looking for a PHP solution for password protect pages.
I have successfully implemented this code which check a user name and password to grant access.
The problem is that each user needs a different (password protected) page.
What I would like to do is take it a step further and have each user directed to a specific page.
visitor1 => [url]www.mysite.com/visitor1.com
visitor2 => [url]www.mysite.com/visitor2.com
Since I am not going to have anymore than three users I don’t want the complication of a database and keep everything PHP.
I don’t need a very strong protection as such, just a way to redirect users to their page once they identified.
Any idea please?
Cheers,
This is the login page:
[code=php] <?php
$LOGIN_INFORMATION = array(
‘visitor1’ => ‘password1’,
‘visitor2’ => ‘password2’
);
define(‘USE_USERNAME’, true);
define(‘LOGOUT_URL’, ‘http://www.mysite.com/logout.php’);
define(‘TIMEOUT_MINUTES’, 0);
define(‘TIMEOUT_CHECK_ACTIVITY’, true);
if(isset($_GET[‘help’])) {
die(‘Include following code into every page you would like to protect, at the very beginning (first line):<br><?php include(“‘ . str_replace(‘\’,’\\’,__FILE__) . ‘”); ?>’);
}
$timeout = (TIMEOUT_MINUTES == 0 ? 0 : time() + TIMEOUT_MINUTES * 60);
if(isset($_GET[‘logout’])) {
setcookie(“verify”, ”, $timeout, ‘/’); // clear password;
header(‘Location: ‘ . LOGOUT_URL);
exit();
}
if(!function_exists(‘showLoginPasswordProtect’)) {
function showLoginPasswordProtect($error_msg) {
?>
<!DOCTYPE HTML>
<html>
<head>
</head>
<body class=”loading”>
<div style=”width:500px; margin-left:auto; margin-right:auto; text-align:center”>
<form method=”post”>
<p>Please enter password</p><br />
<font color=”red”><?php echo $error_msg; ?></font><br />
<?php if (USE_USERNAME) echo ‘Login:<br /><input type=”input” name=”access_login” /><br />Password:<br />’; ?>
<input type=”password” name=”access_password” /><p></p><input type=”submit” name=”Submit” value=”Submit” />
</form>
</div>
</body>
</html>
<?php
die();
}
}
if (isset($_POST[‘access_password’])) {
$login = isset($_POST[‘access_login’]) ? $_POST[‘access_login’] : ”;
$pass = $_POST[‘access_password’];
if (!USE_USERNAME && !in_array($pass, $LOGIN_INFORMATION)
|| (USE_USERNAME && ( !array_key_exists($login, $LOGIN_INFORMATION) || $LOGIN_INFORMATION[$login] != $pass ) )
) {
showLoginPasswordProtect(“Incorrect password.”);
}
else {
setcookie(“verify”, md5($login.’%’.$pass), $timeout, ‘/’);
unset($_POST[‘access_login’]);
unset($_POST[‘access_password’]);
unset($_POST[‘Submit’]);
}
}
else {
if (!isset($_COOKIE[‘verify’])) {
showLoginPasswordProtect(“”);
}
$found = false;
foreach($LOGIN_INFORMATION as $key=>$val) {
$lp = (USE_USERNAME ? $key : ”) .’%’.$val;
if ($_COOKIE[‘verify’] == md5($lp)) {
$found = true;
// prolong timeout
if (TIMEOUT_CHECK_ACTIVITY) {
setcookie(“verify”, md5($lp), $timeout, ‘/’);
}
break;
}
}
if (!$found) {
showLoginPasswordProtect(“”);
}
}
?>
And here is the code I used at the top of each protected page:
[code=php]<?php include(“/home/user/public_html/clients/login.php”); ?>