Introduction:
Time to time you may want to protect some of your web pages but you don't want to setup any complicated system and a database only for this. In this article I will present you a very simple solution how you can do it easily. I know this solution is not the best but some not mission critical cases it can be very useful.
Step 1.
The main idea is to insert only one line of code into each of your web pages you want to protect. This code includes a form processing script at the beginning of your original code. It first displays a small form to enter your password and if it is ok then shows the original page content.
So now we need to create a PHP script with a simple form processing. The form is very simple, only a password field and a submit button is present. The code is the following:
Step 2.
As we don't want to show the form always we put it inside a function and this function will be called if necessary. The main application logic checks if the form was submitted or not. If not then displays the form else check the entered password. If it fails then informs the visitor and displays the login form again. If the password was right then we do nothing so the rest of the code will be displayed.
Don't forget that in case of displaying the form we need to exit from the code processing to hide the important page content.
The application logic looks like this:
As you can see the password is hard coded and exists in human readable format. If you want you can store it in a separate file and encode it for example with md5() function. All is up to you.
Step 3.
Now we are ready with the script. Now if you want to protect any of your pages you need to insert the following line of code at the beginning of your PHP code:
Time to time you may want to protect some of your web pages but you don't want to setup any complicated system and a database only for this. In this article I will present you a very simple solution how you can do it easily. I know this solution is not the best but some not mission critical cases it can be very useful.
Step 1.
The main idea is to insert only one line of code into each of your web pages you want to protect. This code includes a form processing script at the beginning of your original code. It first displays a small form to enter your password and if it is ok then shows the original page content.
So now we need to create a PHP script with a simple form processing. The form is very simple, only a password field and a submit button is present. The code is the following:
Code:
<?php
function showForm($error="LOGIN"){
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"DTD/xhtml1-transitional.dtd">
<html>
<body>
<?php echo $error; ?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="pwd">
Password:
<table>
<tr>
<td><input name="passwd" type="password"/></td>
</tr>
<tr>
<td align="center"><br/>
<input type="submit" name="submit_pwd" value="Login"/>
</td>
</tr>
</table>
</form>
</body>
<?php
}
?>
As we don't want to show the form always we put it inside a function and this function will be called if necessary. The main application logic checks if the form was submitted or not. If not then displays the form else check the entered password. If it fails then informs the visitor and displays the login form again. If the password was right then we do nothing so the rest of the code will be displayed.
Don't forget that in case of displaying the form we need to exit from the code processing to hide the important page content.
The application logic looks like this:
Code:
<?php
$Password = 'demo'; // Set your password here
if (isset($_POST['submit_pwd'])){
$pass = isset($_POST['passwd']) ? $_POST['passwd'] : '';
if ($pass != $Password) {
showForm("Wrong password");
exit();
}
} else {
showForm();
exit();
}
?>
Step 3.
Now we are ready with the script. Now if you want to protect any of your pages you need to insert the following line of code at the beginning of your PHP code:
Code:
<?php require_once('protector.php'); ?>