On Thu, Mar 18, 2010 at 11:42 AM, Ashley Sheridan <ash@xxxxxxxxxxxxxxxxxxxx> wrote: > > On Thu, 2010-03-18 at 11:40 -0400, David Mehler wrote: > > > Hi, > > I am wanting to protect some pages by requiring a user to log in to > > access them. I'd prefer this be as simple as possible, and without > > requiring a database. > > So for example when a user goes to www.domain.com/example.php they'll > > get a page prompting for their log in credentials, and only after > > providing them will the page display. I'd prefer to avoid basic > > authentication dialog boxes if possible. > > Suggestions appreciated. > > Thanks. > > Dave. > > > > > By basic authentication dialog boxes, do you mean the sort that come > with password protection added through the use of an .htaccess file? > > If that's the case, then you're left with authenticating the same way > you'd do it with a database, but using some sort of flat file storage. > Ideally, this flat file would be kept out of your web root for > protection. > Unless you want to have only one (or another very small number) login. You can make a normal HTML form, then the code that processes the $_POST data can just compare the username and password to the "correct" username and password to login. You could make the valid logins into an array and compare the $_POST data to the array of valid logins. Also, look into sessions. http://us.php.net/manual/en/book.session.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
