Passworded Web Page? - Anyway I can make one?
free web hosting
Free Web Hosting, No Ads > General > Hosted Members Area

Passworded Web Page? - Anyway I can make one?

Damen
Jun 16 2007, 03:21 PM
-Problem solved...I feel like an idiot. Trying to make my own .htaccess files and stuff. Then I got a stroke of genius and decided to look in the cPanel...and behold they have something to do it for you..sorry guys.

You know how we have to log in to a little box thing to get into our cPanel? I was wondering if I could set something up like that for a page I have hosted here. The reason why I want to do it is because if too many people go to my web page from our school the webmaster will end up blocking it(Because he is EVIL! lol). I know I might be able to do something like this with some PHP but that wouldn't block people from directly accessing the web page itself.

So does anyone have any suggestions on how to do this? It would be greatly appreciated!

QUOTE
*edit* -Please scroll down to see my post on what I am have done so far, and isn't working.


Hmm. It seems that I can try to do this with the .htaccess file. Well so says google. So I am going to look into that but I am still welcoming and suggestions! There was a javascript one I found but it wouldn't stop them from access the page if they typed the url in.
Notice from jlhaslip:
Merged posts. Please use the edit feature to add information rather than double posting. thanks.

 

 

 


Reply

nol
Jun 16 2007, 03:32 PM
QUOTE
<script language="JavaScript" type="text/javascript">var pass, i;pass=prompt("Please enter password!","");if (pass=="null") {window.location.href="http://www.yoursite.trap17.com/"+pass+".html";i=4;
}
else
{
alert ("haha, you made it here, but can't go farther!");
}
</script>


change whats in bold to your url, change the .html to .php if thats what the page you want it to go to is in .php, what it does is, if somebody types "acorn" it will redirect that person to "yoursite.trap17.com/acorn.php" ive only tested this in firefox, so idk if it works with any other browser

Reply

Damen
Jun 16 2007, 03:57 PM
QUOTE(nol @ Jun 16 2007, 10:32 AM) *
change whats in bold to your url, change the .html to .php if thats what the page you want it to go to is in .php, what it does is, if somebody types "acorn" it will redirect that person to "yoursite.trap17.com/acorn.php" ive only tested this in firefox, so idk if it works with any other browser


But my question before I try this is, will this stop someone from accessing the file by typing in the url path directly?

Reply

nol
Jun 16 2007, 04:10 PM
no, to do that im pretty sure you should just have a user system , a basic one at that, and then you can have user-protect pages. But still, idk if thats what you want, maybe you could chmod it or something

Reply

Damen
Jun 16 2007, 04:15 PM
Well I think going about this through the .htaccess will be the best bet, and most secure.

I can get the message to pop up but for some reason it won't take the passes I gave it.

Here is a link the passworded dir. www.damen.trap17.com/proxy .

Here is the code for the .htaccess I have in that dir.

CODE
AuthName "Restricted Area"
AuthType Basic
AuthUserFile /pass/.htpasswd
AuthGroupFile /dev/null
require valid-user


and then I have a folder in the "proxy" dir called pass. That is where my .htpasswd file is at.

here is what I have in the .htpasswrd file int he "pass" dir.
(I am not going to put my passwords even though they are hashed. I will only put the example one.
CODE
Damen:-censored-
Jon:-censored-
Josh:-censored-
trap17:3QzQ33Gs8qREU


The password for the trap17 user is test .

But for some reason it just doesn't go the the page after you type the username and pass in. The pass dialog box flashes and just clears the values.

Any ideas?

 

 

 


Reply

masugidsk8r
Jun 16 2007, 07:15 PM
there's a method that lets you do what you want in PHP. There's no need to use or access the .htaccess file. If you know a lil bit of PHP, then tha'ts good. Basically what you hava to do first is to convert the html to php (simple change the file extension from .html to .php). What you do next is to insert this add this script to the top of the "hidden" page:

CODE
<?

$password = $_SESSION['password'];
$secretPassword = "yoursecretpassword";
if ($password != $secretPassword) {
     header("Location: http://yoursite.com/passworddidnotmatch.html");
}

?>



---

Now in the page where the user enters a password, assign the $_SESSION password to the value of the input field. If anyone would like to continue this undetailed tutorial then please do so.

Reply

Damen
Jun 16 2007, 08:41 PM
I know PHP, but the reason that I didn't want to use it, especially what you put up(No offense) Was because or two or more reasons.

1.)People could view that password through "view source code" That is easy to avoid by just using a mySQL database to hold hashed passwords but then come the other problem.
2.)Lets say I put that file as "damen.trap17.com/login.php" they go to that to login, but what stops them from just going to the other site via url? Nothing.

Plus it is always good to learn some more stuff that you didn't before. Now I know how to do my own Error pages.

Thanks for trying to help anyways though!

You can see what I have now by going to www.damen.trap17.com/proxy but you will not be able to log in.

Reply

galexcd
Jun 17 2007, 07:02 PM
QUOTE(Damen @ Jun 16 2007, 01:41 PM) *
1.)People could view that password through "view source code" That is easy to avoid by just using a mySQL database to hold hashed passwords but then come the other problem.

Uh.. I'm not sure who you are talking to there, but both masugidsk8r and nol's scripts don't show the password anywhere in the source.

In nol's script javascript doesn't contain the password anywhere, the actual page name does, so you cant access the page without genuinely knowing what it is called.

masugidsk8r is all in php, so therefore the password can't be seen in the source... I must have not understood you or something because I'm SURE you knew that php cant bee seen in the source because it is compiled on the server before it is sent to your computer. o_O Bleah why am I explaining that I'm sure everybody knows that...

Edit:

Also you can secure all of the pages on your site with a session. no need to use hta access. Plus with php you can make the login page look however you want it to look instead of a username and password block coming down when you go to a directory that is locked...

Reply


Got an Opinion! Express your Views! (no registration):-
Add your Reply/ Opinion/ Views/ Comments/ Suggestion/ Questions/ Queries etc.
Posts with decent grammar & English will be accepted and please refrain from profanities.
For asking a Question, We recommend you to sign-up (for free) so that you can track the topic easily.

Nature of your Post*: Opinion/ Reply/ Comments
Question/Query
Feedback to us.
       
Name   Email
Title/Question*

(Maximum characters: 10,000)
You have characters left.
Confirm Code:

Similar Topics

Keywords : passworded web


    Looking for passworded, web, page, make,

Searching Video's for passworded, web, page, make,
advertisement



Passworded Web Page? - Anyway I can make one?



 

 

 

 

ADD REPLY / Got an Opinion! a humble request :-) RAPID SEARCH! Free Hosting [X]
Express your Opinions, Thoughts or Contribute more info. to help others.
Ask your Doubts & Queries to get answers, So that "Together We can help others!" 		Register FREE for AD-FREE forum, Create your own topics, Ask Questions, track topics, setup subscriptions & notifications and Get a Free Website w/ Email and FTP.
500MB Space *No Ads*, CPanel, FTP, PHP, MySQL, EMails - 100% FREE