Sta.sh
###############################################################
# Page Password Protect 2.1 By PoignentDarkness
###############################################################
#
###############################################################
#
# Usage:
# Set usernames / passwords below between SETTINGS START and SETTINGS END.
# Open it in browser with "help" parameter to get the code
# to add to all files being protected.
# Example: password_protect.php?help
# Include protection string which it gave you into every file that needs to be protected
#
###############################################################
/*
-------------------------------------------------------------------
SAMPLE if you only want to request login and password on login form.
Each row represents different user.
$LOGIN_INFORMATION = array(
'zubrag' => 'root',
'test' => 'testpass',
'admin' => 'passwd'
);
--------------------------------------------------------------------
SAMPLE if you only want to request only password on login form.
Below usernames are empty,a dn only passwords are filled
$LOGIN_INFORMATION = array(
'' => 'root',
'' => 'testpass',
'' => 'passwd'
);
--------------------------------------------------------------------
*/
##################################################################
# SETTINGS START
##################################################################
// Add login/password pairs below, like described above
// NOTE: all rows except last must have comma "," at the end of line
$LOGIN_INFORMATION = array(
'Ashley' => 'Ashley',
'Administrator' => 'Admin',
'User00001' => '1234',
'user00002' => '1234',
'user00003' => '1234',
'carlj' => 'analfun',
'user00005' => '1234',
'user00004' => '1234',
'user00003' => '1234',
'user00002' => '1234',
'user00001' => '1234'
);
// request login? true - show login and password boxes, false - password box only
define('USE_USERNAME', true);
##################################################################
# SETTINGS END
##################################################################
///////////////////////////////////////////////////////
// do not change code below
///////////////////////////////////////////////////////
// show usage example
if(isset($_GET['help'])) {
die('Include following code into every page you would like to protect, at the very beginning (first line):
<?php include("' . __FILE__ . '"); ?>');
}
// logout?
if(isset($_GET['logout'])) {
setcookie("verify", ''); // clear password;
die("Logged out.");
}
if(!function_exists('showLoginPasswordProtect')) {
// show login form
function showLoginPasswordProtect($error_msg) {
?>
////////////////////////////////////////////////////
// This is the HTML code, change as appropriate
////////////////////////////////////////////////////
Please enter password to access this page
<style type="text/css">
<!--
.style1 {
font-size: x-large;
font-weight: bold;
}
-->
</style>
Welcome to the Computech Login Page
<img src="img/img001.jpg" alt="" width="173" height="200">
<style>
input { border: 1px solid black; }
</style>
<form method="post">
<h3>Please enter password to access the members area</h3>
<font color="red"><?php echo $error_msg; ?></font>
<?php if (USE_USERNAME) echo 'Login:
<input type="input" name="access_login" />
Password:
'; ?>
<input type="password" name="access_password" /><input type="submit" name="Submit" value="Submit" />
</form>
////////////////////////////////////////////////////////////////////
// End of HTML
///////////////////////////////////////////////////////////////////
<?php
// stop at this point
die();
}
}
// user provided password
if (isset($_POST['access_password'])) {
$login = isset($_POST['access_login']) ? $_POST['access_login'] : '';
$pass = $_POST['access_password'];
if (!USE_USERNAME && !in_array($pass, $LOGIN_INFORMATION)
|| (USE_USERNAME && ( !array_key_exists($login, $LOGIN_INFORMATION) || $LOGIN_INFORMATION[$login] != $pass ) )
) {
showLoginPasswordProtect("Incorrect password.");
}
else {
// set cookie if password was validated
setcookie("verify", md5($pass));
}
}
else {
// check if password cookie is set
if (!isset($_COOKIE['verify'])) {
showLoginPasswordProtect("");
}
// check if cookie is good
$found = false;
foreach($LOGIN_INFORMATION as $kay=>$val) {
if ($_COOKIE['verify'] == md5($val)) {
$found = true;
break;
}
}
if (!$found) {
showLoginPasswordProtect("");
}
}
?>
Yeah... forgot to take that out before i posted it...
:thumb78200951:
hm...
So basically when your user puts in their login information, it saves a cookie on their computer so they don't have to retype it every time.
It's basically how 'remember me' functions are created.
Omnomnomnom cookies.
Clearly there is a fairly large web design community here, and as such things like this may help them. Since by the looks of things most of them specialise in design, there is probably a good few people who don't know things like PHP, and yet still need to put basic security on areas of their site, and don't have SQL Access.
Is what a joke?