Welcome to WebmasterWorld Guest from 54.224.158.39

Forum Moderators: coopster & jatar k

Message Too Old, No Replies

Simplist Possible Unsecure Password Script

A database is not needed

     
1:55 pm on Jun 1, 2007 (gmt 0)

Junior Member

10+ Year Member

joined:Oct 30, 2005
posts:55
votes: 0


Hi,

Could you please tell me what the simplist unsecure password script is? I don't need a database. All I need someone to do is enter a password and be redirected to a new page if the password is correct.

I would really appreciate it.

Brandon

2:02 pm on June 1, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member eelixduppy is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Nov 12, 2005
posts:5966
votes: 0


Assuming you are only allowing one password, something like this is as simple as it gets...

if($_POST['password'] == 'correct_password') {
header("Location: http://www.example.com/redirected_page.html");
exit();
} else {
echo 'You did not type in the correct password';
}

Oh course, you post a form to this page with something like the following:


<input type="text" name="password" />

If you are gonig to want to incorporate multiple passwords, you are going to have to take a silghtly different approach.

Just a quick note here. The redirected page is NOT secure, and anyone can see it if they type in the uri into the browser. To make it secure you can set a session variables and make sure it exists on the redirected page, or you can echo out the information to the browser right after the password check, instead of using the header*() redirect.

Good luck

2:05 pm on June 1, 2007 (gmt 0)

Administrator

WebmasterWorld Administrator jatar_k is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:July 24, 2001
posts:15756
votes: 0


you could also just set up htaccess
2:17 pm on June 1, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member eelixduppy is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Nov 12, 2005
posts:5966
votes: 0


Yes, which is probably a better solution in this case.

you could also do http authentication through php: [php.net...]

:)

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members