Password protected page
5 posts by 2 authors in: Forums > CMS Builder
Last Post: November 1, 2010 (RSS)
By fleff - October 28, 2010
A real estate site: my client wants to have a password protected page for his agents only where they can download pdf files of deeds, field cards, etc. for each listing. I have set up a second details page (land_info.php) for this and it works fine from a link on the first (public) details page to the second (agents) one, passing along all the fields for that listing. My problem occurs when I add password code to the second page. The code I am using lops off the record number of the listing from its URL and the page goes to the first record instead. Is there some way of forcing the inclusion of the record number in the URL of the listing details page, such as "land_info.php?Array-17"? The password code is:
<?php
$Password = 'demo'; // Set your password here
if (isset($_POST['submit_pwd'])){
$pass = isset($_POST['passwd']) ? $_POST['passwd'] : '';
if ($pass != $Password) {
showForm("Wrong password");
exit();
}
} else {
showForm();
exit();
}
function showForm($error="LOGIN"){
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Micro Protector</title>
<link href="style/style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="main">
<div class="caption"><?php echo $error; ?></div>
<div id="icon"> </div>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="pwd">
Password:
<table>
<tr><td><input class="text" name="passwd" type="password"/></td></tr>
<tr><td align="center"><br/>
<input class="text" type="submit" name="submit_pwd" value="Login"/>
</td></tr>
</table>
</form>
</div>
</body>
<?php
}
?>
* * * * *
Here is the code of the page generated by the password php script above for the user to enter the password and go to the second listing details page:
<div id="main">
<div class="caption">LOGIN</div>
<div id="icon"> </div>
<form action="/land_info.php" method="post" name="pwd">
Password:
<table>
<tr><td><input class="text" name="passwd" type="password"/></td></tr>
<tr><td align="center"><br/>
<input class="text" type="submit" name="submit_pwd" value="Login"/>
</td></tr>
</table>
</form>
</div>
* * * * *
I tried to use htaccess but didn't get it to work.
Thanks,
Farnham
<?php
$Password = 'demo'; // Set your password here
if (isset($_POST['submit_pwd'])){
$pass = isset($_POST['passwd']) ? $_POST['passwd'] : '';
if ($pass != $Password) {
showForm("Wrong password");
exit();
}
} else {
showForm();
exit();
}
function showForm($error="LOGIN"){
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Micro Protector</title>
<link href="style/style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="main">
<div class="caption"><?php echo $error; ?></div>
<div id="icon"> </div>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="pwd">
Password:
<table>
<tr><td><input class="text" name="passwd" type="password"/></td></tr>
<tr><td align="center"><br/>
<input class="text" type="submit" name="submit_pwd" value="Login"/>
</td></tr>
</table>
</form>
</div>
</body>
<?php
}
?>
* * * * *
Here is the code of the page generated by the password php script above for the user to enter the password and go to the second listing details page:
<div id="main">
<div class="caption">LOGIN</div>
<div id="icon"> </div>
<form action="/land_info.php" method="post" name="pwd">
Password:
<table>
<tr><td><input class="text" name="passwd" type="password"/></td></tr>
<tr><td align="center"><br/>
<input class="text" type="submit" name="submit_pwd" value="Login"/>
</td></tr>
</table>
</form>
</div>
* * * * *
I tried to use htaccess but didn't get it to work.
Thanks,
Farnham
Re: [fleff] Password protected page
By Jason - October 29, 2010
Hi Farnham,
I think the problem is in this line here:
This sends the form to land_info.php but doesn't append anything else to the url string.
So, the question is, how do you know on the page with the form which listing you want to view?
Let me know and I can try to help you out.
I think the problem is in this line here:
<form action="/land_info.php" method="post" name="pwd">This sends the form to land_info.php but doesn't append anything else to the url string.
So, the question is, how do you know on the page with the form which listing you want to view?
Let me know and I can try to help you out.
---------------------------------------------------
Jason Sauchuk - Project Manager
interactivetools.com
Hire me! Save time by getting our experts to help with your project.
http://www.interactivetools.com/consulting/
Jason Sauchuk - Project Manager
interactivetools.com
Hire me! Save time by getting our experts to help with your project.
http://www.interactivetools.com/consulting/
Re: [Jason] Password protected page
By fleff - October 30, 2010
Thanks, Jason. I agree with you that the problem lies with the line you cite. That is the line where I want to add the record number of the listing I am looking at.
On my land_details.php page there is a link to the page land_info.php that is to be password protected . That link, which works if no password requirement, looks like this:
<div align="center">
<?php if($record['field_card']):?>
<a href="land_info.php?<?php echo $record['field_card'] . '-'. $record['num']; ?>" border="0" class="agents_12b">(o)</a><br />
<?php endif ?>
</div>
At the very top of the land_info.php page I add this line of code to require a password before that page opens:
<?php require_once('microProtector.php'); ?>
It calls the Micro Protector script that I show at the top of this forum question that generates the password form that I would like to have take the user to the page land_info.php plus the record number for that listing.
The php code in the Micro Protector:
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="pwd">
only picks up the URL as far as the .php extension and leaves off the record number that I need there for that particular listing. Otherwise it goes to the first record.
I tried adding the record number this way, but it didn't work.
<form action="<?php echo $_SERVER['PHP_SELF'] . '-'. $record['num']; ?>" method="post" name="pwd">
I am new to php and am hoping there is some way to get this to work. Or is there a better way?
Farnham
On my land_details.php page there is a link to the page land_info.php that is to be password protected . That link, which works if no password requirement, looks like this:
<div align="center">
<?php if($record['field_card']):?>
<a href="land_info.php?<?php echo $record['field_card'] . '-'. $record['num']; ?>" border="0" class="agents_12b">(o)</a><br />
<?php endif ?>
</div>
At the very top of the land_info.php page I add this line of code to require a password before that page opens:
<?php require_once('microProtector.php'); ?>
It calls the Micro Protector script that I show at the top of this forum question that generates the password form that I would like to have take the user to the page land_info.php plus the record number for that listing.
The php code in the Micro Protector:
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="pwd">
only picks up the URL as far as the .php extension and leaves off the record number that I need there for that particular listing. Otherwise it goes to the first record.
I tried adding the record number this way, but it didn't work.
<form action="<?php echo $_SERVER['PHP_SELF'] . '-'. $record['num']; ?>" method="post" name="pwd">
I am new to php and am hoping there is some way to get this to work. Or is there a better way?
Farnham
Re: [fleff] Password protected page
By Jason - November 1, 2010
Hi Farnham,
$_SERVER['PHP_SELF'] will give you the file that you're executing, but it won't append the query string.
Try this line instead:
Hope this helps.
$_SERVER['PHP_SELF'] will give you the file that you're executing, but it won't append the query string.
Try this line instead:
<form action="<?php echo $_SERVER['PHP_SELF']."?".$_SERVER['QUERY_STRING']; ?>" method="post" name="pwd">Hope this helps.
---------------------------------------------------
Jason Sauchuk - Project Manager
interactivetools.com
Hire me! Save time by getting our experts to help with your project.
http://www.interactivetools.com/consulting/
Jason Sauchuk - Project Manager
interactivetools.com
Hire me! Save time by getting our experts to help with your project.
http://www.interactivetools.com/consulting/
Re: [Jason] Password protected page
By fleff - November 1, 2010
That did it, Jason! Thanks again for your great support.
Farnham
Farnham