It depends on what you want to achieve, and you ISP.
If you can achieve everything you want with htaccess, then it is pretty
simple, and a good option -- no db's, no PHP. BUT it may be complex to
add new users at your ISP.
On my site (perhaps not the most secure site in the world!!!), I use a
small form to get the username and password, validate the user name,
check the password against the user name, and if all is well, I show a
dynamic page. This aint secure secure, just a little hurdle. I'm
positive there are ways to break though it.
All I've done so far is to pass a hidden variable in the form, and to
make sure that the "validate" page was handed the variables through a
posted form, NOT through a direct URL.
Later on I hope to achieve all this in a more secure way, making sure
that you can't fake entry, bookmark the secure page, or use any direct
URL means of accessing the page (it HAS TO BE via the form).
There are plenty of tutorials on user/password systems... i'm sure one
of them has thought this trough properly, and it may be a good place for
you to start.
Justin French
[EMAIL PROTECTED] wrote:
>
> Hi,
>
> I was wondering how does one create a PHP script that can verify a
> database for the login ID and password and then allow that person to
> access a particular page.
>
> I am not looking for extreme details here , but I just want to get a
> general idea.
>
> I can understand how to make a script to verify the username and password
> through mysql and PHP, but after verification how can I take that person
> to another webpage automatically.
>
> Is it a combination of PHP , mysql and .htaccess?
>
> If anyone can shed some light on this mystery, I'll be glad to here about
> it.
>
> Thanks.
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
