advanced search

We Recommend

Wicked Cool PHP: Real-World Scripts That Solve Difficult Problems Wicked Cool PHP: Real-World Scripts That Solve Difficult Problems
Wicked Cool PHP contains a wide variety of scripts to process credit cards, check the validity of email addresses, template HTML, and serve dynamic images and text.

Posted By

Tamedo on 12/13/07


Tagged

password


Versions (?)


Who likes this?

7 people have marked this snippet as a favorite

sbbath
vali29
luman
heinz1959
benrasmusen
rhyno
skywalker


password protect

Published in: PHP 

Plain TextExpand 
  1. <?php
  2. ##################################################################
  3. #  SETTINGS START
  4. ##################################################################
  5.  
  6. // Add login/password pairs below, like described above
  7. // NOTE: all rows except last must have comma "," at the end of line
  8. $LOGIN_INFORMATION = array(
  9.   'admin' => 'admin'
  10. );
  11.  
  12. // request login? true - show login and password boxes, false - password box only
  13. define('USE_USERNAME', true);
  14.  
  15. // User will be redirected to this page after logout
  16. define('LOGOUT_URL', 'http://www.example.com/');
  17.  
  18. // time out after NN minutes of inactivity. Set to 0 to not timeout
  19. define('TIMEOUT_MINUTES', 0);
  20.  
  21. // This parameter is only useful when TIMEOUT_MINUTES is not zero
  22. // true - timeout time from last activity, false - timeout time from login
  23. define('TIMEOUT_CHECK_ACTIVITY', true);
  24.  
  25. ##################################################################
  26. #  SETTINGS END
  27. ##################################################################
  28.  
  29.  
  30. ///////////////////////////////////////////////////////
  31. // do not change code below
  32. ///////////////////////////////////////////////////////
  33.  
  34. // timeout in seconds
  35. $timeout = (TIMEOUT_MINUTES == 0 ? 0 : time() + TIMEOUT_MINUTES * 60);
  36.  
  37. // logout?
  38. if(isset($_GET['logout'])) {
  39.   setcookie("verify", '', $timeout, '/'); // clear password;
  40.   header('Location: ' . LOGOUT_URL);
  41.   exit();
  42. }
  43.  
  44. if(!function_exists('showLoginPasswordProtect')) {
  45.  
  46. // show login form
  47. function showLoginPasswordProtect($error_msg) {
  48. ?>
  49. <html>
  50. <head>
  51.   <title>Admin Control Panel</title>
  52.   <META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
  53.   <META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">
  54.   <link href="style.css" rel="stylesheet" type="text/css" media="screen" />
  55. </head>
  56. <body style="text-align:center">
  57.  
  58.   <style>
  59.     input { border: 1px solid black; }
  60.   </style>
  61.   <form method="post">
  62.     <h1>Please enter password to access this page</h1>
  63.     <font color="red"><?php echo $error_msg; ?></font><br />
  64. <?php if (USE_USERNAME) echo 'Login:<br /><input type="input" name="access_login" /><br />Password:<br />'; ?>
  65.     <input type="password" name="access_password" /><p></p><input type="submit" name="Submit" value="Submit" />
  66.   </form>
  67.  
  68. </body>
  69. </html>
  70.  
  71. <?php
  72.   // stop at this point
  73.   die();
  74. }
  75. }
  76.  
  77. // user provided password
  78. if (isset($_POST['access_password'])) {
  79.  
  80.   $login = isset($_POST['access_login']) ? $_POST['access_login'] : '';
  81.   $pass = $_POST['access_password'];
  82.   if (!USE_USERNAME && !in_array($pass, $LOGIN_INFORMATION)
  83.   || (USE_USERNAME && ( !array_key_exists($login, $LOGIN_INFORMATION) || $LOGIN_INFORMATION[$login] != $pass ) ) 
  84.   ) {
  85.     showLoginPasswordProtect("Incorrect password.");
  86.   }
  87.   else {
  88.     // set cookie if password was validated
  89.     setcookie("verify", md5($login.'%'.$pass), $timeout, '/');
  90.  
  91.     // Some programs (like Form1 Bilder) check $_POST array to see if parameters passed
  92.     // So need to clear password protector variables
  93.     unset($_POST['access_login']);
  94.     unset($_POST['access_password']);
  95.     unset($_POST['Submit']);
  96.   }
  97.  
  98. }
  99.  
  100. else {
  101.  
  102.   // check if password cookie is set
  103.   if (!isset($_COOKIE['verify'])) {
  104.     showLoginPasswordProtect("");
  105.   }
  106.  
  107.   // check if cookie is good
  108.   $found = false;
  109.   foreach($LOGIN_INFORMATION as $key=>$val) {
  110.     $lp = (USE_USERNAME ? $key : '') .'%'.$val;
  111.     if ($_COOKIE['verify'] == md5($lp)) {
  112.       $found = true;
  113.       // prolong timeout
  114.       if (TIMEOUT_CHECK_ACTIVITY) {
  115.         setcookie("verify", md5($lp), $timeout, '/');
  116.       }
  117.       break;
  118.     }
  119.   }
  120.   if (!$found) {
  121.     showLoginPasswordProtect("");
  122.   }
  123.  
  124. }
  125.  
  126. ?>

Report this snippet 

You need to login to post a comment.