On Thu, Mar 18, 2010 at 11:42 AM, Ashley Sheridan
<ash [at] ashleysheridan.co.uk> wrote:
>
> On Thu, 2010-03-18 at 11:40 -0400, David Mehler wrote:
>
> > Hi,
> > I am wanting to protect some pages by requiring a user to log in to
> > access them. I'd prefer this be as simple as possible, and without
> > requiring a database.
> > So for example when a user goes to www.domain.com/example.php they'll
> > get a page prompting for their log in credentials, and only after
> > providing them will the page display. I'd prefer to avoid basic
> > authentication dialog boxes if possible.
> > Suggestions appreciated.
> > Thanks.
> > Dave.
> >
>
>
> By basic authentication dialog boxes, do you mean the sort that come
> with password protection added through the use of an .htaccess file?
>
> If that's the case, then you're left with authenticating the same way
> you'd do it with a database, but using some sort of flat file storage.
> Ideally, this flat file would be kept out of your web root for
> protection.
>
Unless you want to have only one (or another very small number) login.
You can make a normal HTML form, then the code that processes the
$_POST data can just compare the username and password to the
"correct" username and password to login. You could make the valid
logins into an array and compare the $_POST data to the array of valid
logins.
Also, look into sessions.
http://us.php.net/manual/en/book.session.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
