[html/java/php] Passwording webpages - Tilted Forum Project Discussion Community

punx1325 · 08-12-2004, 06:15 PM

I am making a website for my fraternity and we want to have a user/password section to protect our directory. Nothing special, just to keep random people from getting ahold of our phone numbers. The only problem is I have no clue how to program this. I am designing the site with Adobe Photoshop and making the necessary changes in Microsoft Frontpage. If anyone could help me out with a simple code or function in fp which will activate passwording that would be awesome! Thanks!

asdfasdf1 · 08-12-2004, 06:53 PM

How is the site hosted? If it's hosted on Apache than you can start using .htaccess and .htpasswd files.

This will let you prompt for a login/password built in apache and nearly impossible to get past.

Here is an example of a config for .htaccess
##########
deny from all

##Allow One IP address without auth.
allow from 207.144.22.22/32
AuthType Basic
AuthName "Configuration System - Level 15"
AuthUserFile /home/website.com/www/secured/.htpasswd
require valid-user
# Satisfy any will let passworded users or IP Users
# Satisfy all will require you to match ip and password
satisfy any
#

More on google!

punx1325 · 08-12-2004, 09:43 PM

Thanks for the idea asdfasf1, I am looking into the server setup right now, but I won't know until late tomorrow. It doesn't have to be the most secure thing on earth I just want something to prompt a user/password for 2 webpages on the site. I need very basic, because people down the road may not know what to do. I'll keep googling but if anyone knows a simple solution let me know. Thanks!

sailor · 08-13-2004, 05:24 AM

There's no such thing as a decent JavaScript password utility. What you want is the Apache .htaccess that was listed above (assuming you can do that on your server). Its by far the easiest way to do that. The other way is a sessions-based php/mysql authentication scheme, but that seems to be a bit over your head

RelaX · 08-13-2004, 11:11 AM

Well... if you have php and it can be as crappy as possible, why not just do:

PHP Code:


			
<?php 

// Put all your users in this array:

$users = array(

"HalX"=>"TFP",

"RelaX"=>"ThaMan",

"User"=>"Password");



echo '<?xml version="1.0" encoding="UTF-8"?>'; 



?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"

    "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">

  <head>

    <title>Title of the page</title>

    <style type="text/css">

         html, body   { height: 100%; margin: 0; padding: 0;



                        color: white; text-align: center; }



         div.centered { border: 0; background-color: white; height: 50%; width: 50%;



                        position: absolute; left: 20%; top: 25%; color: black; }

                        

                        

         div.bottom { border: 0; background-color: white; height: 90%; width: 0%;



                        position: absolute; left: 80%; top: 80%; color: black; }

    </style>

  </head>

  <body>

  <?php

  if ($users($_REQUEST["user"]) && $users($_REQUEST["user"])==$_REQUEST["password"])

  {

  ?>



  Real content here



  <?php

  }

  else

  {

  ?>



  <div class="centered">

  <br /><br />

    <form action="<?php global $PHP_SELF; echo $PHP_SELF; ?>" method="post">

      <p>You must be logged in to see this page<br />



      Username: <input name="user" type="text" /><br />

      Password: <input name="password" type="password" /><br /><br />

      <input type="submit" value="Log in" /><br /></p>

    </form>

  </div>

  <div class="bottom">

    <p>

      <a href="http://validator.w3.org/check?uri=referer">

        <img src="http://www.w3.org/Icons/valid-xhtml11" alt="Valid XHTML 1.1!" height="31" width="88" border="0"/>

      </a>

    </p>

  </div>

  <?php

  }

  ?>

  </body>

</html>

Or something like that (this is all from memory and bound to be flawed).

"It's quick... it's dirty... I love it"
Forget who said it, but it feels like an appropriate quotation.

EDIT: Okay, so I suck... I validated it and added the stylesheet some other guy made to center the damn thing. Make sure you have a recent php version for this though... my crappy 4.2.2 (Red Hat 9

) wouldn't do the array() function, so it's kindof untested. But it should work. I do stuff like this for a living.

Fallon · 08-13-2004, 11:21 AM

Pfft, it's not done like that =p. I can write you a dinky and quick php script tonight. All I need to do is look at my book. =p

punx1325 · 08-13-2004, 06:43 PM

Thanks for your help RelaX! I played around with your code and it sorta works but it's missing something and I am still trying to figure that out. Fallon if you have something which works better, your help would be greatly appreciated! It is reasons like this which I love the TFP!

punx1325 · 08-15-2004, 06:44 PM

Yep I'm stuck I don't know what I am doing. I have been fiddling with RelaX's code, but I am not getting it to work right. If anyone else knows what that code is missing or has a different code to use, your help would be greatly appreciated.

Fallon · 08-16-2004, 05:01 AM

Alright, this is a bit simplified and such but here goes
Hopefully you have PHP running on your server and such.

PHP Code:


			
<? 

  op_start();

  print '<head>

  <title>My spectacular page</title>

</head>

<body>

<h1>Login Form</h1>

  if ( isset ($_POST['submit'])) {

    //Handles the form

    if ( !empty ($_POST['username'])) && ($_POST['password'])) ) {

      if ( ($_POST['username'] == 'testing') && ($_POST['password'] == 'testpass') ) {

        //Everything is good

        header('Location: welcome.php');

        exit();

      } else { //Password was wrong

       print '<p>The submitted username and password do not match those on file<br>Go back and try again.</p>';

      }

    } else {  //Forgot something

      print '<p>Please make sure you enter both a username and a password!<br> Go back and try again.</p>';

    }

  } else { //If form wasn't submitted

    //Displaying the form

    print '<form action="login.php" method="post"><p>

    Username:<input type="text" name="username" size="20"><br>

    Password: <input type="password" name="password" size="20"><br>

    <input type="submit" name="submit" value="Log In"></p>

    </form>';

  }

  print '</body></html>';

  ob_end_flust();

?>

Hopefully this all works, might be a few typos somewhere, I'll look when I get out of work.

punx1325 · 08-18-2004, 11:13 PM

Fallon, I worked with your code, but I am really confused. Nothing is displayed when I load it into frontpage. Is there something missing?

SinisterMotives · 08-19-2004, 10:10 AM

The results of PHP processing instructions don't get displayed in the browser or HTML editor if PHP didn't process the script first. Instead of using the PHP print and echo functions to send HTML to the output, you should embed processing instructions in your HTML template. That way the HTML layout gets displayed even if PHP didn't process the file first. So, instead of this:

PHP Code:


			


echo  "<html>"

       . "<head>"

       . "<title>" . $page_title . "</title>"

       . "</head>"

       . "<body>"

       . $page_content

       . "</body>"

       . "</html>";

do this:

PHP Code:


			


<html>

 <head>

  <title><?=$page_title; ?></title>

 </head>

 <body>

  <?=$page_content; ?>

 </body>

</html>

punx1325 · 08-19-2004, 09:11 PM

I figured it all out. Thanks for your help everyone!

08-12-2004, 06:15 PM	#1 (permalink)
punx1325 Junkie Location: San Diego	[html/java/php] Passwording webpages I am making a website for my fraternity and we want to have a user/password section to protect our directory. Nothing special, just to keep random people from getting ahold of our phone numbers. The only problem is I have no clue how to program this. I am designing the site with Adobe Photoshop and making the necessary changes in Microsoft Frontpage. If anyone could help me out with a simple code or function in fp which will activate passwording that would be awesome! Thanks! __________________ If something seems too good to be true, then it probably is....

08-12-2004, 09:43 PM	#3 (permalink)
punx1325 Junkie Location: San Diego	Thanks for the idea asdfasf1, I am looking into the server setup right now, but I won't know until late tomorrow. It doesn't have to be the most secure thing on earth I just want something to prompt a user/password for 2 webpages on the site. I need very basic, because people down the road may not know what to do. I'll keep googling but if anyone knows a simple solution let me know. Thanks! __________________ If something seems too good to be true, then it probably is....

08-13-2004, 05:24 AM	#4 (permalink)
sailor beauty in the breakdown Location: Chapel Hill, NC	There's no such thing as a decent JavaScript password utility. What you want is the Apache .htaccess that was listed above (assuming you can do that on your server). Its by far the easiest way to do that. The other way is a sessions-based php/mysql authentication scheme, but that seems to be a bit over your head __________________ "Good people do not need laws to tell them to act responsibly, while bad people will find a way around the laws." --Plato

08-13-2004, 11:11 AM	#5 (permalink)
RelaX Follower of Ner'Zhul Location: Netherlands	Well... if you have php and it can be as crappy as possible, why not just do: PHP Code: <?php // Put all your users in this array: $users = array( "HalX"=>"TFP", "RelaX"=>"ThaMan", "User"=>"Password"); echo '<?xml version="1.0" encoding="UTF-8"?>'; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head> <title>Title of the page</title> <style type="text/css"> html, body { height: 100%; margin: 0; padding: 0; color: white; text-align: center; } div.centered { border: 0; background-color: white; height: 50%; width: 50%; position: absolute; left: 20%; top: 25%; color: black; } div.bottom { border: 0; background-color: white; height: 90%; width: 0%; position: absolute; left: 80%; top: 80%; color: black; } </style> </head> <body> <?php if ($users($_REQUEST["user"]) && $users($_REQUEST["user"])==$_REQUEST["password"]) { ?> Real content here <?php } else { ?> <div class="centered"> <br /><br /> <form action="<?php global $PHP_SELF; echo $PHP_SELF; ?>" method="post"> <p>You must be logged in to see this page<br /> Username: <input name="user" type="text" /><br /> Password: <input name="password" type="password" /><br /><br /> <input type="submit" value="Log in" /><br /></p> </form> </div> <div class="bottom"> <p> <a href="http://validator.w3.org/check?uri=referer"> <img src="http://www.w3.org/Icons/valid-xhtml11" alt="Valid XHTML 1.1!" height="31" width="88" border="0"/> </a> </p> </div> <?php } ?> </body> </html> Or something like that (this is all from memory and bound to be flawed). "It's quick... it's dirty... I love it" Forget who said it, but it feels like an appropriate quotation. EDIT: Okay, so I suck... I validated it and added the stylesheet some other guy made to center the damn thing. Make sure you have a recent php version for this though... my crappy 4.2.2 (Red Hat 9 ) wouldn't do the array() function, so it's kindof untested. But it should work. I do stuff like this for a living. __________________ The most likely way for the world to be destroyed, most experts agree, is by accident. That's where we come in; we're computer professionals. We cause accidents. - Nathaniel Borenstein Last edited by RelaX; 08-13-2004 at 11:47 AM..

08-13-2004, 06:43 PM	#7 (permalink)
punx1325 Junkie Location: San Diego	Thanks for your help RelaX! I played around with your code and it sorta works but it's missing something and I am still trying to figure that out. Fallon if you have something which works better, your help would be greatly appreciated! It is reasons like this which I love the TFP! __________________ If something seems too good to be true, then it probably is....

08-12-2004, 06:53 PM	#2 (permalink)
asdfasdf1 Upright	How is the site hosted? If it's hosted on Apache than you can start using .htaccess and .htpasswd files. This will let you prompt for a login/password built in apache and nearly impossible to get past. Here is an example of a config for .htaccess ########## deny from all ##Allow One IP address without auth. allow from 207.144.22.22/32 AuthType Basic AuthName "Configuration System - Level 15" AuthUserFile /home/website.com/www/secured/.htpasswd require valid-user # Satisfy any will let passworded users or IP Users # Satisfy all will require you to match ip and password satisfy any # More on google!

08-13-2004, 11:21 AM	#6 (permalink)
Fallon Junkie Location: RI	Pfft, it's not done like that =p. I can write you a dinky and quick php script tonight. All I need to do is look at my book. =p

08-15-2004, 06:44 PM	#8 (permalink)
punx1325 Junkie Location: San Diego	Yep I'm stuck I don't know what I am doing. I have been fiddling with RelaX's code, but I am not getting it to work right. If anyone else knows what that code is missing or has a different code to use, your help would be greatly appreciated. __________________ If something seems too good to be true, then it probably is....

08-16-2004, 05:01 AM	#9 (permalink)
Fallon Junkie Location: RI	Alright, this is a bit simplified and such but here goes Hopefully you have PHP running on your server and such. PHP Code: <? op_start(); print '<head> <title>My spectacular page</title> </head> <body> <h1>Login Form</h1> if ( isset ($_POST['submit'])) { //Handles the form if ( !empty ($_POST['username'])) && ($_POST['password'])) ) { if ( ($_POST['username'] == 'testing') && ($_POST['password'] == 'testpass') ) { //Everything is good header('Location: welcome.php'); exit(); } else { //Password was wrong print '<p>The submitted username and password do not match those on file<br>Go back and try again.</p>'; } } else { //Forgot something print '<p>Please make sure you enter both a username and a password!<br> Go back and try again.</p>'; } } else { //If form wasn't submitted //Displaying the form print '<form action="login.php" method="post"><p> Username:<input type="text" name="username" size="20"><br> Password: <input type="password" name="password" size="20"><br> <input type="submit" name="submit" value="Log In"></p> </form>'; } print '</body></html>'; ob_end_flust(); ?> Hopefully this all works, might be a few typos somewhere, I'll look when I get out of work.

08-18-2004, 11:13 PM	#10 (permalink)
punx1325 Junkie Location: San Diego	Fallon, I worked with your code, but I am really confused. Nothing is displayed when I load it into frontpage. Is there something missing? __________________ If something seems too good to be true, then it probably is....

08-19-2004, 10:10 AM	#11 (permalink)
SinisterMotives Junkie	The results of PHP processing instructions don't get displayed in the browser or HTML editor if PHP didn't process the script first. Instead of using the PHP print and echo functions to send HTML to the output, you should embed processing instructions in your HTML template. That way the HTML layout gets displayed even if PHP didn't process the file first. So, instead of this: PHP Code: `echo "<html>" . "<head>" . "<title>" . $page_title . "</title>" . "</head>" . "<body>" . $page_content . "</body>" . "</html>";` do this: PHP Code: `<html> <head> <title><?=$page_title; ?></title> </head> <body> <?=$page_content; ?> </body> </html>`

08-19-2004, 09:11 PM	#12 (permalink)
punx1325 Junkie Location: San Diego	I figured it all out. Thanks for your help everyone! __________________ If something seems too good to be true, then it probably is....