Cere parola pentru vizionare
Moderatori: Zamolxe, Moderatori
Cere parola pentru vizionare
Salut, vreau un script care sa apara cand intri pe pagina si sa ceara un user si o parola. Daca baga datele corect poate sa vada continutul, daca nu nu. Ca in poza de mai jos. Dar sa nu aiba conectare la mysql
Re: Cere parola pentru vizionare
Poate ai noroc sa il aibe careva deja gata facut, ca de facut de la cap nu cred ca o sta stea nimeni. Ca idee cum sa il faci:
Folosesti un fisier in care salvezi pe cate un rand numele si parola fiecarui user. Intre ele adaugi un grup de caractere mai speciale. ex: nume^^^parola
Parola o criptezi cu md5 sau cu ce vrei tu si apoi o introduci in fisier.
Ca sa preiei fiecare rand in parte din fisier folosesti functie file(), iar ca sa separi numele de parola folosesti explode().
Da-i bataie:D
Folosesti un fisier in care salvezi pe cate un rand numele si parola fiecarui user. Intre ele adaugi un grup de caractere mai speciale. ex: nume^^^parola
Parola o criptezi cu md5 sau cu ce vrei tu si apoi o introduci in fisier.
Ca sa preiei fiecare rand in parte din fisier folosesti functie file(), iar ca sa separi numele de parola folosesti explode().
Da-i bataie:D
Re: Cere parola pentru vizionare
Foloseste:
.htaccess
.htpasswd
.htaccess
.htpasswd
Re: Cere parola pentru vizionare
Am gasit ceva pe net asemanator, dar nu stiu cum sa il iau de acolo si sal pun pe o pagina simpla.
Cod: Selectaţi tot
<?php
//CONFIG
$admin_id = "admin";
$admin_pw = "pass";
//CONFIG
echo "<head>";
//echo "<link rel='stylesheet' href='style.css' type='text/css' />";
echo '<style type="text/css">
<!--
body {
background-color:#AFEEEE;
}
.textbox {
background-color : #f8f8f8;
border : 1px solid #ccc;
}
.button {
background-position: center;
//background-color: #9BCCCA;
}
}
-->
</style>';
echo "<title>Autopatcher AdminCP</title>";
echo "</head>";
//echo "<body>";
$generated_patchlist;
$version_form;
$new_exclusionlist = $_POST['exclusionlist'];
$use_clientversion = $_POST['use_clientversion'];
$increase_clientversion = $_POST['increase_clientversion'];
if (isset($_GET["login"]))
{
//Einlogg-Funktion
$username = $_POST['username'];
$password = $_POST['password'];
if ($password == $admin_pw and $username == $admin_id)
{
loadadmincpgui();
}
else
{
loadlogingui($username);
echo "<script>alert(\"Ati fost reportat ca avand tentativa de hacking! Multumim!\");</script>";
}
}
elseif (isset($_GET["admincp_ok"]))
{
//if (md5($_POST['password']) != md5($admin_pw))
if ($_POST['admincp_spoiler'])
{
loadadmincpgui();
}
elseif ($_POST['admincp_update'])
{
if (file_exists("client/patchconfig.cfg") == false and file_exists("client/clientversion.txt") == false and $use_clientversion == "true")
{
load_clientversionselect();
}
else
{
update_files();
}
}
else
{
echo "
<TABLE border bgcolor='#F8E0E0' align='center' WIDTH='100%' frame='hsides'>
<TR>
<TD align='center'><small><b><font color='#ff0000'>Please log in first to get access.</font></b></small></TD>
</TR>
</TABLE>";
loadlogingui("");
}
}
elseif (isset($_GET['admincp_select_clientversion']))
{
if ($_POST['version_exclusive'])
{
$version_form = "exclusive";
update_files();
}
elseif ($_POST['version_normal'])
{
$version_form = "normal";
load_statusbar();
get_patchconfig();
}
else
{
echo "
<TABLE border bgcolor='#F8E0E0' align='center' WIDTH='100%' frame='hsides'>
<TR>
<TD align='center'><small><b><font color='#ff0000'>Please log in first to get access.</font></b></small></TD>
</TR>
</TABLE>";
loadlogingui("");
}
}
elseif (isset($_GET['admincp_get_patchconfig']))
{
if (isset($_POST['patchconfig']))
{
if ($_POST['patchconfig'] == "")
{
load_statusbar();
echo "
<TABLE border bgcolor='#F8E0E0' align='center' WIDTH='100%' frame='hsides'>
<TR>
<TD align='center'><small><b><font color='#ff0000'>ERROR: No patchconfig inserted!</font></b></small></TD>
</TR>
</TABLE>";
get_patchconfig();
}
else
{
$handler = fOpen("client/patchconfig.cfg" , "w+");
fWrite($handler , $_POST['patchconfig']);
fClose($handler);
update_files();
}
}
else
{
echo "
<TABLE border bgcolor='#F8E0E0' align='center' WIDTH='100%' frame='hsides'>
<TR>
<TD align='center'><small><b><font color='#ff0000'>Please log in first to get access.</font></b></small></TD>
</TR>
</TABLE>";
loadlogingui("");
}
}
elseif (isset($_GET['admincp_update_complete']))
{
if (isset($_POST['update_ok']))
{
loadadmincpgui();
}
else
{
echo "
<TABLE border bgcolor='#F8E0E0' align='center' WIDTH='100%' frame='hsides'>
<TR>
<TD align='center'><small><b><font color='#ff0000'>Please log in first to get access.</font></b></small></TD>
</TR>
</TABLE>";
loadlogingui("");
}
}
else
{
loadlogingui($username);
}
function loadlogingui($username) {
echo '<BODY onLoad="document.forms.post.username.focus()">';
echo "<BR CLEAR=HEIGHT>";
echo "<div id='login'><form name='post' method='post' action='admincp.php?login'>
<table frame='box' width='350px' align='center' class=''>
<tr>
<td colspan='2'><h2 style='color:#A4A4A4' align='left'><b>Admin cPanel -Login</b></h1></td>
</tr>
<tr valign='middle'>
<td class='tbl2' align='center'>Nume de utilizator:</td>
<td class='tbl2' align='center'><input type='text' name='username' value='".$username."' maxlength='50' class='textbox' style='width: 180px;'></td>
</tr>
<tr>
<td class='tbl2' align='center'>Parola:</td>
<td class='tbl2' align='center'><input type='password' name='password' maxlength='50' class='textbox' style='width: 180px;'></td>
</tr>
<tr>
<td class='tbl2' align='center'> </td>
<td align='right'><input name='login' value='Logare' type='submit' class='button'></td>
</tr>
</table>
</div>
";
load_footer();
echo "</body>";
}
function loadadmincpgui() {
load_statusbar();
if (file_exists("patchlist.php"))
{
$actual_patchlist = file_get_contents('./patchlist.php', true);
}
else
{
$actual_patchlist = "";
}
if (file_exists("exclusionlist.txt"))
{
$actual_exclusionlist = file_get_contents('./exclusionlist.txt', true);
}
else
{
$actual_exclusionlist = "--Ausschlussliste:--\nsyserr.txt\nmetin2.cfg\nindex.php\nindex.html";
}
echo "<BR CLEAR=HEIGHT>";
echo "
<div id='admincp'><form name='post' method='post' action='admincp.php?admincp_ok'>
<table align='center' class='' frame='box'>
<tr>
<tr>
<td><h2 style='color:#A4A4A4' align='left'><b>Autopatcher Administrator Control Panel</b></h1></td>
</tr>
";
if ($_POST['admincp_spoiler'] != "Show") {
echo "<tr valign='left'>
<td class='tbl2' align='left'><b>Patchlist-ul actual: </b><input name='admincp_spoiler' value='Show' type='submit' class='button'></td>
</tr>";
} else {
echo "
<tr valign='left' frame='above'>
<td class='tbl2' align='left'><b>Patchlist-ul actual: </b><input name='admincp_spoiler' value='Hide' type='submit' class='button'></td>
</tr>
<tr frame='below'>
<td class='tbl2' align='center'><textarea type='text' name='patchlist' disabled='true' wrap='off' class='textbox' value='test' style='width: 550px; height: 200px;'>".$actual_patchlist."</textarea></td>
</tr>"; }
echo "
<tr valign='left'>
<td class='tbl2' align='left'><b>Lista de excludere</b></td>
</tr>
<tr valign='left'>
<td class='tbl2' align='left'><small>(Aceste fisiere nu vor fi incluse in patchlist)</small></td>
</tr>
<tr frame='below'>
<td class='tbl2' align='center'><textarea type='text' name='exclusionlist' wrap='off' class='textbox' value='test' style='width: 500px; height: 200px;'>".$actual_exclusionlist."</textarea></td>
</tr>";
admincp_clientversion();
echo "
<tr>
<td align='right'><input name='admincp_update' value='Actualizeaza fisierele' type='submit' class='button'></td>
</tr>
</tr>
</table>
</div>
";
load_footer();
}
function load_statusbar()
{
global $admin_id;
//$datum = date("d.m.Y");
$time = strftime("%b %d, %G - %R %Z");
//$uhrzeit = date("H:i");
echo "
<TABLE align='center' WIDTH='50%' frame='hsides'>
<TR>
<TD align='left'><small>Autopatcher Administrator Control Panel v1.4</small></TD>
<br>
<TD align='left'><small>Logat ca: <b>".$admin_id."</b></small></TD>
<TD align='left'><small>".$time."</small></TD>
<TD align='left'><small><a href='http://maniacxmt2.ro/' target='_blank'>Producator</a></small></TD>
</TR>
</TABLE>
";
}
function load_footer()
{
echo "<br><br><br><br><br>
<TABLE align='center' WIDTH='50%' frame='hsides'>
<TR>
<TD align='left'><small>Optimizat pentru <a href='http://www.mozilla-europe.org/de/firefox/' target='_blank'>Mozilla Firefox</a></small> si pentru <a href='http://www.google.com/intl/ro/chrome/browser/' target='_blank'>Google Chrome</a></small></TD>
<TD align='right'><small>Creat de ByeBye, 2013</small></TD>
</TR>
</TABLE>
";
}
function admincp_clientversion()
{
if (file_exists("clientversion.php"))
{
$actual_clientversion = file_get_contents('./clientversion.php', true);
}
else
{
$actual_clientversion = "x";
}
$new_clientversion = get_new_clientversion($actual_clientversion);
echo "
<tr valign='left'>
<td class='tbl2' align='left'><b>Versiunea clientului:</b></td>
</tr>
<tr valign='left'>
<td class='tbl2' align='left'><small>Daca utilizati versiunea clientului timpul de patching scade enorm!.</small></td>
</tr>
<tr valign='left'>
<td class='tbl2' align='left'><input type='checkbox' name='use_clientversion' value='true' checked> Utilizeaza versiunea clientului<br></td>
</tr>
<tr valign='left'>
<td class='tbl2' align='left'>Actual: ".$actual_clientversion." <input type='checkbox' name='increase_clientversion' value='true' checked> Cresterte <small>(Urmatoarea versiunea a clientului va fi: ".$new_clientversion.")</small><br></td>
</tr>
";
}
function get_new_clientversion($old_clientversion)
{
if ($old_clientversion == "x")
{
$old_clientversion = "9.9.9";
}
$old_clientversion = preg_replace('/[^0-9.]/','',$old_clientversion);
$old_clientversion = str_replace('..','.',$old_clientversion);
$positions = array(strpos($old_clientversion, "."));
while (strrpos($old_clientversion, ".") != $positions[(count($positions)-1)])
{
array_push($positions, strpos($old_clientversion, ".", $positions[(count($positions))])+$positions[(count($positions))-1]+1);
}
$new_clientversion = preg_replace('/[^0-9]/','',$old_clientversion);
$new_clientversion++;
$new_cv_p = $new_clientversion;
$new_cv_p = strval ($new_cv_p);
foreach ($positions as $pos)
{
$new_cv_p = str_insert($pos, $new_cv_p, ".");
}
if (substr($new_cv_p, -2, 1) != ".")
{
$new_cv_p = str_insert(strlen($new_cv_p)-1, $new_cv_p, ".");
}
return $new_cv_p;
}
function str_insert($pos_zum_einfuegen, $string, $text_zum_einfuegen)
{
$i = 0;
$str = '';
while($i<strlen($string))
{
if($i == $pos_zum_einfuegen)
{
$str .= $text_zum_einfuegen.$string[$i];
}
else
{
$str .= $string[$i];
}
$i += 1;
}
return $str;
}
function ListFiles($path){
global $generated_patchlist;
$handle = opendir($path);
while (($pathFile = readdir ($handle)) != false)
{
if (preg_match("=^\.{1,2}$=", $pathFile))
{
continue;
}
if(is_dir($path."/".$pathFile))
{
ListFiles($path."/".$pathFile);
}
else
{
if (IsInExclusionList(str_replace("client/","", $path."/".$pathFile)) == false)
{
$generated_patchlist = $generated_patchlist.str_replace("client/","", $path."/".$pathFile)." ##md5Hash= ".strtoupper(md5_file($path."/".$pathFile))."\n";
}
}
}
@closedir($handle);
}
function IsInExclusionList($filename)
{
$returnvalue = false;
global $existexclusionlist;
global $exclusionlist;
if($existexclusionlist === true){
$line = 0;
while($line < key($exclusionlist)+1)
{
if ($filename == $exclusionlist[$line]){$returnvalue = true;}
$line++;
}
}
if ($returnvalue == false){return false;} else {return true;}
}
function IniExclusionList()
{
global $existexclusionlist;
global $exclusionlist;
if (file_exists("exclusionlist.txt")){
$existexclusionlist = true;
$exclusionlist = file("exclusionlist.txt");
krsort($exclusionlist);
}
else
{
$existexclusionlist = false;
}
}
function generate_easypatchlist()
{
global $generated_patchlist;
$generated_patchlist = $generated_patchlist."-###Patchlist [EasyPatchlist-Script v1.0]###-"."\n";
$existexclusionlist;
$exclusionlist;
IniExclusionList();
ListFiles("client");
$generated_patchlist = $generated_patchlist. "\n";
$generated_patchlist = $generated_patchlist. "\n";
$generated_patchlist = $generated_patchlist. "\n";
$generated_patchlist = $generated_patchlist. "\n";
$generated_patchlist = $generated_patchlist. "\n";
$generated_patchlist = $generated_patchlist. "\n";
$generated_patchlist = $generated_patchlist. "\n";
$generated_patchlist = $generated_patchlist. "\n";
$generated_patchlist = $generated_patchlist. "\n";
$generated_patchlist = $generated_patchlist. "\n";
$generated_patchlist = $generated_patchlist. "\n";
$generated_patchlist = $generated_patchlist. "\n";
$generated_patchlist = $generated_patchlist. "\n";
$generated_patchlist = $generated_patchlist. "\n";
$generated_patchlist = $generated_patchlist. "\n";
$generated_patchlist = $generated_patchlist. "\n";
}
function update_files()
{
set_time_limit(0);
global $use_clientversion;
global $increase_clientversion;
global $version_form;
if (file_exists("client/patchconfig.cfg"))
{
$mode_clientversion = "normal";
}
elseif (file_exists("client/clientversion.txt"))
{
$mode_clientversion = "exclusive";
}
else
{
$mode_clientversion = $version_form;
}
loadupdategui($use_clientversion, $mode_clientversion);
$old_clientversion;
if (file_exists("clientversion.php"))
{
$old_clientversion = file_get_contents('./clientversion.php', true);
if ($old_clientversion == "")
{
$old_clientversion = "x";
}
}
else
{
$old_clientversion = "x";
}
$new_clientversion = get_new_clientversion($old_clientversion);
if ($use_clientversion != "true")
{
$new_clientversion = "x";
}
if ($increase_clientversion == "true" or $use_clientversion != "true")
{
$handler = fOpen("clientversion.php" , "w+");
fWrite($handler , $new_clientversion);
fClose($handler);
if ($mode_clientversion == "exclusive")
{
$handler = fOpen("client/clientversion.txt" , "w+");
fWrite($handler , $new_clientversion);
fClose($handler);
}
else
{
replace_line(20, "client/patchconfig.cfg", "CLIENTVERSION: ".$new_clientversion);
}
}
else
{
$handler = fOpen("clientversion.php" , "w+");
fWrite($handler , $old_clientversion);
fClose($handler);
}
global $new_exclusionlist;
$handler = fOpen("exclusionlist.txt" , "w+");
fWrite($handler , $new_exclusionlist);
fClose($handler);
generate_easypatchlist();
global $generated_patchlist;
$handler = fOpen("patchlist.php" , "w+");
fWrite($handler , $generated_patchlist);
fClose($handler);
echo "<script>alert(\"Toate schimbariile au fost salvate!!\");</script>";
//loadadmincpgui();
}
function loadupdategui($clientversion_use, $clientversion_mode) {
load_statusbar();
echo "<BR CLEAR=HEIGHT>";
echo "
<div id='admincp_updating'><form name='post' method='post' action='admincp.php?admincp_update_complete'>
<table cellspacing='0' align='center' class='' frame='box'>
<tr>
<tr>
<td><h2 style='color:#A4A4A4' align='left'><b>Autopatcher Administrator Control Panel</b></h1></td>
</tr>
";
if ($clientversion_use == "true")
{
echo "
<tr>
<td>updated::clientversion.php</td>
</tr>
";
}
if ($clientversion_mode == "normal")
{
echo "
<tr>
<td>updated::client/patchconfig.cfg</td>
</tr>
";
}
elseif ($clientversion_mode == "exclusive")
{
echo "
<tr>
<td>updated::client/clientversion.txt</td>
</tr>
";
}
echo "
<tr>
<td>updated::exclusionlist.php</td>
</tr>
<tr>
<td>updated::patchlist.php</td>
</tr>
<tr>
<td><center><input name='update_ok' value='OK' type='submit' class='button'></center></td>
</tr>
</tr>
</table>
</div>
";
load_footer();
}
function load_clientversionselect()
{
load_statusbar();
global $new_exclusionlist;
global $use_clientversion;
global $increase_clientversion;
echo "<BR CLEAR=HEIGHT>";
echo "
<div id='admincp_select_clientversion'><form name='post' method='post' action='admincp.php?admincp_select_clientversion'>
<table align='center' class='' frame='box'>
<tr>
<tr>
<td><h2 style='color:#A4A4A4' align='left'><b>Autopatcher Administrator Control Panel</b></h1></td>
</tr>
<tr>
<td><center>Are you using a normal version or an exclusive version?</center><br></td>
</tr>
<tr>
<td><center><input name='version_normal' value='normal' type='submit' class='button'><input name='version_exclusive' value='exclusive' type='submit' class='button'></center></td>
</tr>
<tr>
<input type='hidden' name='exclusionlist' value='".$new_exclusionlist."'><input type='hidden' name='use_clientversion' value='".$use_clientversion."'><input type='hidden' name='increase_clientversion' value='".$increase_clientversion."'>
</tr>
</tr>
</table>
</div>
";
load_footer();
}
function get_patchconfig()
{
global $new_exclusionlist;
global $use_clientversion;
global $increase_clientversion;
echo "<BR CLEAR=HEIGHT>";
echo "
<div id='admincp_get_patchconfig'><form name='post' method='post' action='admincp.php?admincp_get_patchconfig'>
<table align='center' class='' frame='box'>
<tr>
<tr>
<td><h2 style='color:#A4A4A4' align='left'><b>Autopatcher Administrator Control Panel</b></h1></td>
</tr>
<tr>
<td>Please insert the content of your actual patchconfig.cfg here:</td>
</tr>
<tr>
<td align='center'><textarea type='text' name='patchconfig' wrap='off' class='textbox' value='test' style='width: 500px; height: 200px;'></textarea></td>
</tr>
<tr>
<td align='right'><input name='patchconfig_ok' value='OK' type='submit' class='button'></td>
</tr>
<tr>
<input type='hidden' name='exclusionlist' value='".$new_exclusionlist."'><input type='hidden' name='use_clientversion' value='".$use_clientversion."'><input type='hidden' name='increase_clientversion' value='".$increase_clientversion."'>
</tr>
</tr>
</table>
</div>
";
load_footer();
}
function replace_line($zeile, $datei, $neuer_text)
{
$file=file($datei);
$neuer_text = $neuer_text."\n";
$algemh = fopen($datei,"w+");
for($num=0;$num<count($file);$num++){
if($num==$zeile){
fputs($algemh, $neuer_text);
} else {
fputs($algemh, $file[$num]);
}
}
fclose($algemh);
}
?>
Ultima oară modificat Dum Aug 11, 2013 12:51 pm de către ByeBye, modificat 1 dată în total.
Re: Cere parola pentru vizionare
Ditamai carnatu, foloseste si tu .htaccess si .htpasswd, eu zic ca ii o solutie mai buna.
Re: Cere parola pentru vizionare
Ruben scrie:Ditamai carnatu, foloseste si tu .htaccess si .htpasswd, eu zic ca ii o solutie mai buna.
Pai explicami cum... ca is incepator
Re: Cere parola pentru vizionare
Uite am gasit la mine in pc un script de pe vremea cand m-am apucta sa invat php. Nu mai stiu exact de unde l-am luat.
Trebuie sa salvezi tot scriptul intrun fisier access.php
Apoi in pagina undev rei sa apara formularul adaugi codul asta pe prima linie in fisier.
Scriptul:
Daca vrei sa folosesti .htaccess si .htpasswd faci ca aici:
http://www.tutorialeweb.net/php/htaccess.php
Si mergi jos unde scrie "Protejarea unui director cu parola"
Metoda asta va cere autentificarea atunci cand accesesi orice pagina din directorul respectiv. Deci nu trebe sa incluzi nici un script in paginile tale.
Insa este suficient scriptul de ti l-am dat mai sus.
Trebuie sa salvezi tot scriptul intrun fisier access.php
Apoi in pagina undev rei sa apara formularul adaugi codul asta pe prima linie in fisier.
Cod: Selectaţi tot
<?php require('access.php'); ?>Scriptul:
Cod: Selectaţi tot
<?php
session_start();
header("Cache-control: private");
/*
SIMPLE LOGIN - Access Protection Script
http://new-place.org/scripts/
This is a simple password protection script that requires very little setup. This single file can protect multiple pages with just a small include at the top of each PHP file you want to protect. It uses sessions so you only have to enter your password once each time you open your browser, and you can view any number of protected pages without having to login for each page. THIS SCRIPT CAN ONLY PROTECT PHP FILES and is not compatible with pages that already use sessions. The default login form is valid XHTML 1.0 Transitional.
I release this script in good faith, but no data stored online can be guaranteed 100% secure. By using SimpleLogin, you agree to indemnify me from any liability that might arise during its use. If you encounter any security problems with this script, please report them to me and I will fix or discontinue SimpleLogin as necessary.
SETUP
1. Set your username and password in the config below.
2. Upload this file to your site.
3. Put the following code at the ABSOLUTE VERY TOP of each page you want to password protect:
<?php require('access.php'); ?>
Important! Make sure the files you are protecting are in the same directory as this file. You can still protect files in other directories, but you will need to adjust the include code to add the path to this file.
CUSTOMIZATION
You can customize the login form in the code below (scroll down, it's commented), but do not change any PHP code or the field names. To make the login page match your site, DO NOT include access.php where you want the form to show up. It must go at the top of the page you are protecting or the sessions will not work. Instead, edit the login form below, to add your own header and footer.
NOTES
- Change the name of this file to whatever you want, just make sure to change the filename in the include code.
- You can create a logout from your protected page by linking to page.php?action=logout (link to the protected page, NOT this page).
- If you find this script helpful, a link to my site is appreciated but not required.
UPDATES
May 4, 2006 - Changed include to require to make it safer and added a liability disclaimer. Removed demo login information I accidentally left in the file. D'oh!
January 5, 2006 - Tidied up the code a bit, added form input filtering as a security precaution, and added CSS styles to the login page.
*/
//CONFIG
// --------------------------------------------------
// set your username and password
$setusername = 'bos';
$setpassword = 'boss';
// don't edit below this line
// --------------------------------------------------
if ($_GET['action'] == 'logout') {
$_SESSION = array();
session_destroy();
}
$showform = true;
if ($_POST['action'] == 'login') {
$replace = array('(' => '(', ')' => ')', '#' => '#');
$username = strtr(htmlspecialchars(strip_tags($_POST['username'])), $replace);
$password = strtr(htmlspecialchars(strip_tags($_POST['password'])), $replace);
if (($username != $setusername) || ($password != $setpassword)) {
$errormsg = true;
} else {
$showform = false;
$_SESSION['username'] = $username;
$_SESSION['password'] = md5($password);
}
} else {
if (($_SESSION['username'] == $setusername) && ($_SESSION['password'] == md5($setpassword))) {
$showform = false;
}
}
if ($showform) {
// don't edit above this line
// --------------------------------------------------
?>
<!-- login page -->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="Content-Style-Type" content="text/css" />
<title>Login Required</title>
<style type="text/css">
body, input { color: #000000; font: 12px arial, sans serif; background-color: #ffffff; }
input { border: 1px solid #000000; }
a { color: #666666; text-decoration: none; }
a:hover { color: #333333; }
h1 { font-size: 16px; letter-spacing: 1px;}
p, h1 { margin: 10px 0px; }
.errormsg { color: #FF0000; }
</style>
</head>
<body>
<h1>Login Required</h1>
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<input type="hidden" name="action" value="login" />
<?php
// don't edit this unless you know what you are doing
if ($errormsg) {
echo '<p class="errormsg">Invalid login! Try again.</p>';
}
?>
<p>
Username:<br />
<input type="text" name="username" />
</p>
<p>
Password:<br />
<input type="password" name="password" />
</p>
<p>
<input type="submit" value="Submit" />
</p>
</form>
</body>
</html>
<!-- login page ends -->
<?php
// don't edit below this line
// --------------------------------------------------
exit;
}
?>
Daca vrei sa folosesti .htaccess si .htpasswd faci ca aici:
http://www.tutorialeweb.net/php/htaccess.php
Si mergi jos unde scrie "Protejarea unui director cu parola"
Metoda asta va cere autentificarea atunci cand accesesi orice pagina din directorul respectiv. Deci nu trebe sa incluzi nici un script in paginile tale.
Insa este suficient scriptul de ti l-am dat mai sus.
Re: Cere parola pentru vizionare
inginerul scrie:Uite am gasit la mine in pc un script de pe vremea cand m-am apucta sa invat php. Nu mai stiu exact de unde l-am luat.
Trebuie sa salvezi tot scriptul intrun fisier access.php
Apoi in pagina undev rei sa apara formularul adaugi codul asta pe prima linie in fisier.Cod: Selectaţi tot
<?php require('access.php'); ?>
Scriptul:Cod: Selectaţi tot
<?php
session_start();
header("Cache-control: private");
/*
SIMPLE LOGIN - Access Protection Script
http://new-place.org/scripts/
This is a simple password protection script that requires very little setup. This single file can protect multiple pages with just a small include at the top of each PHP file you want to protect. It uses sessions so you only have to enter your password once each time you open your browser, and you can view any number of protected pages without having to login for each page. THIS SCRIPT CAN ONLY PROTECT PHP FILES and is not compatible with pages that already use sessions. The default login form is valid XHTML 1.0 Transitional.
I release this script in good faith, but no data stored online can be guaranteed 100% secure. By using SimpleLogin, you agree to indemnify me from any liability that might arise during its use. If you encounter any security problems with this script, please report them to me and I will fix or discontinue SimpleLogin as necessary.
SETUP
1. Set your username and password in the config below.
2. Upload this file to your site.
3. Put the following code at the ABSOLUTE VERY TOP of each page you want to password protect:
<?php require('access.php'); ?>
Important! Make sure the files you are protecting are in the same directory as this file. You can still protect files in other directories, but you will need to adjust the include code to add the path to this file.
CUSTOMIZATION
You can customize the login form in the code below (scroll down, it's commented), but do not change any PHP code or the field names. To make the login page match your site, DO NOT include access.php where you want the form to show up. It must go at the top of the page you are protecting or the sessions will not work. Instead, edit the login form below, to add your own header and footer.
NOTES
- Change the name of this file to whatever you want, just make sure to change the filename in the include code.
- You can create a logout from your protected page by linking to page.php?action=logout (link to the protected page, NOT this page).
- If you find this script helpful, a link to my site is appreciated but not required.
UPDATES
May 4, 2006 - Changed include to require to make it safer and added a liability disclaimer. Removed demo login information I accidentally left in the file. D'oh!
January 5, 2006 - Tidied up the code a bit, added form input filtering as a security precaution, and added CSS styles to the login page.
*/
//CONFIG
// --------------------------------------------------
// set your username and password
$setusername = 'bos';
$setpassword = 'boss';
// don't edit below this line
// --------------------------------------------------
if ($_GET['action'] == 'logout') {
$_SESSION = array();
session_destroy();
}
$showform = true;
if ($_POST['action'] == 'login') {
$replace = array('(' => '(', ')' => ')', '#' => '#');
$username = strtr(htmlspecialchars(strip_tags($_POST['username'])), $replace);
$password = strtr(htmlspecialchars(strip_tags($_POST['password'])), $replace);
if (($username != $setusername) || ($password != $setpassword)) {
$errormsg = true;
} else {
$showform = false;
$_SESSION['username'] = $username;
$_SESSION['password'] = md5($password);
}
} else {
if (($_SESSION['username'] == $setusername) && ($_SESSION['password'] == md5($setpassword))) {
$showform = false;
}
}
if ($showform) {
// don't edit above this line
// --------------------------------------------------
?>
<!-- login page -->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="Content-Style-Type" content="text/css" />
<title>Login Required</title>
<style type="text/css">
body, input { color: #000000; font: 12px arial, sans serif; background-color: #ffffff; }
input { border: 1px solid #000000; }
a { color: #666666; text-decoration: none; }
a:hover { color: #333333; }
h1 { font-size: 16px; letter-spacing: 1px;}
p, h1 { margin: 10px 0px; }
.errormsg { color: #FF0000; }
</style>
</head>
<body>
<h1>Login Required</h1>
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<input type="hidden" name="action" value="login" />
<?php
// don't edit this unless you know what you are doing
if ($errormsg) {
echo '<p class="errormsg">Invalid login! Try again.</p>';
}
?>
<p>
Username:<br />
<input type="text" name="username" />
</p>
<p>
Password:<br />
<input type="password" name="password" />
</p>
<p>
<input type="submit" value="Submit" />
</p>
</form>
</body>
</html>
<!-- login page ends -->
<?php
// don't edit below this line
// --------------------------------------------------
exit;
}
?>
Daca vrei sa folosesti .htaccess si .htpasswd faci ca aici:
http://www.tutorialeweb.net/php/htaccess.php
Si mergi jos unde scrie "Protejarea unui director cu parola"
Metoda asta va cere autentificarea atunci cand accesesi orice pagina din directorul respectiv. Deci nu trebe sa incluzi nici un script in paginile tale.
Insa este suficient scriptul de ti l-am dat mai sus.
Multumesc mult, cum fac si sa se poata deloga, sau sa ceara aceasta parola de fiecare data cand intra pe pagina. De ex acum a iesit si cand intra iara trebe sa bage. Sau sa aibe un buton de logout
Re: Cere parola pentru vizionare
Are si optiune de log out nu vazusem eu. Trebuie sa adaugi urmatorul link in pagina resectiva:
Schimbi pagina cu numele paginii tale.
Poti adauga o imagine sau un buton in locul link-ului.
Adaygi codul asta oriunde vrei tu sa apara butonul respectiv
Cod: Selectaţi tot
<a href="pagina.php?action=logout">Log Out</a>Schimbi pagina cu numele paginii tale.
Poti adauga o imagine sau un buton in locul link-ului.
Cod: Selectaţi tot
<a href="pagina.php?action=logout"><input type="button" value="Log Out" /></a>Adaygi codul asta oriunde vrei tu sa apara butonul respectiv
-
tedy
- Average Member
- Mesaje: 95
- Membru din: Vin Ian 06, 2012 7:28 pm
- Localitate: Ramnicu Valcea
- Contact:
Re: Cere parola pentru vizionare
Cod: Selectaţi tot
<!DOCTYPE>
<html>
<head>
<style>
body
{
padding: 0;
margin: 0;
}
#container
{
width: 960px;
margin: 0 auto;
}
#content
{
padding: 20px;
border: 1px solid black;
}
span
{
display: block;
margin-bottom: 35px;
}
input
{
display: block;
margin-bottom: 20px;
}
</style>
</head>
<body>
<div id="container">
<div id="content">
<form method="POST">
<span>Admin Panel</span>
<label>Nume de utilizator:</label>
<input type="text" name="username" value="<?php if (count($_POST) && ctype_alnum($_POST['username'])) echo $_POST['username']; ?>">
<label>Parola:</label>
<input type="password" name="pwd" value="<?php if (count($_POST) && ctype_alnum($_POST['pwd'])) echo $_POST['pwd']; ?>">
<input type="submit" value="Logare">
</form>
</div>
</div>
</body>
</html>
<?php
//cfg
const USERNAME = 'username';
const PASSWORD = 'password';
//validation
if (count($_POST))
if ($_POST['username'] == USERNAME && $_POST['pwd'] == PASSWORD)
{
//aici vezi continutul
}
else
{
//aici nu vezi
}E ceva schitat rapid, protectia XSS consta in neafisarea username/pwd daca contin caractere diferite de A-Za-z0-9. Sper sa-ti dea un punct de plecare, bafta.
EDIT: nu vazusem mesajele de mai sus, whatever.
Ultima oară modificat Dum Aug 11, 2013 2:20 pm de către tedy, modificat 1 dată în total.
Cine este conectat
Utilizatori ce ce navighează pe acest forum: Niciun utilizator înregistrat și 31 vizitatori