.htaccess Password Protection
Learn how to super protect your files without the use of mySQL.
The code can be split up into three if-else statements. Let's take a look at what we will have to do in order to set up the password protection:
1. If the user has not been authenticated, then use the PHP header and ask for a username and password.
2. Else, if the user's name is "kingpin" and the password is "kingpin", log in. Inside here you would put all the code for the user.
3. Else tell them the user/password failed.
Finally, here is the PHP Code:
Code:
<?
//part 1
if (!isset($PHP_AUTH_USER))
{
header("WWW-Authenticate: Basic realm="kingpin Password."");
Header("HTTP/1.0 401 Unauthorized");
exit;
}
//part 2
else if(($PHP_AUTH_USER=="kingpin") && ($PHP_AUTH_PW=="kingpin"))
{
echo "You'r in...";
//place the code for the whole user page in here
//you can also set up a redirect to the user page if you want
}
//part 3
else
{
echo "<html><body bgcolor=ffffcc>Faiiiiiiiil";
//fail try again
}
?>
Some notes about this script: it is essential to note that this username and password will last the whole session, that means that as long as that explorer window is open, the name and password will be saved for that realm. So if you mistyped the name or the password, you'll have to close the explorer window and re-open it and try again.
PHP Tutorial #6 : .htaccess thru php without mysql
View KingPin's sig
