|
I use php, it depends on the level of security your going after
you could try the following code, it's pretty standard. put it in a seperate file called authentication.php and put
include('../authentication.php');
at the top of all pages you want pasword protected.
put the following in php tags
// This page handles the authentication for the admin pages.
$authorized = FALSE; // Initialize a variable.
// Check for authentication submission.
if ( (isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) AND isset($HTTP_SERVER_VARS['PHP_AUTH_PW'])) ) {
if ( ($HTTP_SERVER_VARS['PHP_AUTH_USER'] == 'name') AND ($HTTP_SERVER_VARS['PHP_AUTH_PW'] == 'password') ) { // If the correct values were entered...
$authorized = TRUE;
} else {
$authorized = FALSE;
}
} else {
$authorized = FALSE;
}
// If they haven't been authorized, create the pop-up window.
if ($authorized == FALSE) {
header('WWW-Authenticate: Basic realm="Administration"');
exit(); // For cancellations.
}
|