Scratch

nathanprocks · 2013-01-22 05:55:27

I made a password protected page script in PHP, which is actually embedded in the .php file you want to put a password on. I actually made this for a friend just a while ago and decided to share it with everyone that doesn't know how to do it.

Code:

<?php
    //You can change this password to anything you want... If you want double quotes in your password, You need to escape them like this: \"
    $password = "macbookpro";

    $enteredPass = $_POST["password"];
    if (!($enteredPass == $password))
    {
        die('<div style="text-align: center;"><p>This page is protected with a password!</p><form name="input" action="' . $_SERVER['PHP_SELF']. '" method="POST">Password: <input type="password" name="password"><input type="submit" value="Submit"></form></div>');
    }

// Anything after this line will only be shown if the password is entered! ?>

<!DOCTYPE html>
<html>
    <head>
        <title>Protected page test</title>
    </head>
    <body>
        <p>This text will only appear after the password has been entered!</p>
    </body>
</html>

That is the complete file. Just save it in a file with the .php file extension.

Feel free to change this any way you want!

BlackKyurem · 2013-01-22 07:22:43

I might use that sometime if I actually consider learning php

scimonster · 2013-01-22 09:01:04

If you want to make it so that people can't find the password by looking at the file source (say they get on your computer), so hash the input, and put the hash in the code instead of the password.

RedRocker227 · 2013-01-22 10:42:47

shouldn't

Code:

(!($enteredPass == $password))

be

Code:

($enteredPass!=$password)

that's what i always thought

muppetds · 2013-01-22 10:44:39

scimonster wrote:
If you want to make it so that people can't find the password by looking at the file source (say they get on your computer), so hash the input, and put the hash in the code instead of the password.

yea this is important..

scimonster · 2013-01-22 10:47:55

RedRocker227 wrote:
shouldn't
Code:
(!($enteredPass == $password))
be
Code:
($enteredPass!=$password)
that's what i always thought

Yep. I didn't notice that. Using != is shorter.

ProgrammingFreak · 2013-01-22 11:06:17

You could do this in htaccess.

nathanprocks · 2013-01-22 19:42:03

scimonster wrote:
RedRocker227 wrote:
shouldn't
Code:
(!($enteredPass == $password))
be
Code:
($enteredPass!=$password)
that's what i always thought
Yep. I didn't notice that. Using != is shorter.

I didn't notice that either. It only took a few minutes to make.

scimonster wrote:
If you want to make it so that people can't find the password by looking at the file source (say they get on your computer), so hash the input, and put the hash in the code instead of the password.

I didn't really take much notice of that. You can still crack hashed passwords, but it is better than storing the password as plain text.

EDIT: I just realised that if someone has access to your computer, there is probably no point in hashing the password if someone can just open the file and see the contents of the file...

Last edited by nathanprocks (2013-01-22 19:47:17)

jvvg · 2013-01-22 20:03:03

I think a better idea would be to save whether the user is authenticated in session data, so they only have to enter the password once.
That idea becomes even more useful when implementing something like this across an entire site (like Scratch 2.0).

nathanprocks · 2013-01-22 20:28:16

jvvg wrote:
I think a better idea would be to save whether the user is authenticated in session data, so they only have to enter the password once.
That idea becomes even more useful when implementing something like this across an entire site (like Scratch 2.0).

Lol. I only made this because my friend wanted a personal page on his website... I guess it could be useful for some things. I already said "Feel free to change this any way you want!", so if you used this code yourself, maybe if your too lazy to write one yourself or something, you could modify it to do that.

jji7skyline · 2013-01-23 01:42:41

Cool script. Innovative use of the die() function, though I probably would have used if else logic to display content. tongue

nathanprocks · 2013-01-23 01:59:31

jji7skyline wrote:
Cool script. Innovative use of the die() function, though I probably would have used if else logic to display content.

Thanks!. Die() was the first thing that came into my head when I made this lol.

Scratch

archived forums

#1 2013-01-22 05:55:27

Password protected pages.

Code:

#2 2013-01-22 07:22:43

Re: Password protected pages.

#3 2013-01-22 09:01:04

Re: Password protected pages.

#4 2013-01-22 10:42:47

Re: Password protected pages.

Code:

Code:

#5 2013-01-22 10:44:39

Re: Password protected pages.

scimonster wrote:

#6 2013-01-22 10:47:55

Re: Password protected pages.

RedRocker227 wrote:

Code:

Code:

#7 2013-01-22 11:06:17

Re: Password protected pages.

#8 2013-01-22 19:42:03

Re: Password protected pages.

scimonster wrote:

RedRocker227 wrote:

Code:

Code:

scimonster wrote:

#9 2013-01-22 20:03:03

Re: Password protected pages.

#10 2013-01-22 20:28:16

Re: Password protected pages.

jvvg wrote:

#11 2013-01-23 01:42:41

Re: Password protected pages.

#12 2013-01-23 01:59:31

Re: Password protected pages.

jji7skyline wrote:

Board footer