Simplist Possible Unsecure Password Script

Forum Moderators: coopster

Message Too Old, No Replies

Simplist Possible Unsecure Password Script

A database is not needed

successfirst

1:55 pm on Jun 1, 2007 (gmt 0)

Hi,

Could you please tell me what the simplist unsecure password script is? I don't need a database. All I need someone to do is enter a password and be redirected to a new page if the password is correct.

I would really appreciate it.

Brandon

eelixduppy

2:02 pm on Jun 1, 2007 (gmt 0)

Assuming you are only allowing one password, something like this is as simple as it gets...


if($_POST['password'] == 'correct_password') {
header("Location: http://www.example.com/redirected_page.html");
exit();
} else {
echo 'You did not type in the correct password';
}

Oh course, you post a form to this page with something like the following:


<input type="text" name="password" />

If you are gonig to want to incorporate multiple passwords, you are going to have to take a silghtly different approach.

Just a quick note here. The redirected page is NOT secure, and anyone can see it if they type in the uri into the browser. To make it secure you can set a session variables and make sure it exists on the redirected page, or you can echo out the information to the browser right after the password check, instead of using the header*() redirect.

Good luck

jatar_k

2:05 pm on Jun 1, 2007 (gmt 0)

you could also just set up htaccess

eelixduppy

2:17 pm on Jun 1, 2007 (gmt 0)

Yes, which is probably a better solution in this case.

you could also do http authentication through php: [php.net...]