[UPHPU] PHP Password Protect

Jeremy Burgess jeremy at edgecast.net
Mon Dec 11 16:56:24 MST 2006 

Webot Graphics wrote:

>>
>> I can't get the formatting to appear in this page. I am still new to  
>> PHP so I am not sure if I am even on the right tract.
>>
>> here is the link to this page. www.westernbotanicals.com/en/ 
>> whlcatalog.php. This is what a regular page looks like.  
>> www.westernbotanicals.com/en/front.html
>>
>> <?php
>> // Define your username and password
>> $username = "hello";
>> $password = "world";
>> if ($_POST['txtUsername'] != $username || $_POST['txtPassword'] !=  
>> $password) {
>> ?>
>> <HTML> ... </HTML>
>> <?php
>> } else {
>> ?>
>> <p>This is the protected page. Your private content goes here.</p>
>> <?php
>> }
>> ?>
>
> I want to be able to password protect a download. The page that was  
> built for the company has a pre formatted page which contains  
> JavaScript (and looks ugly to me) but they want to be able to  
> password protect a downloadable catalog.
>
> You are on 'a' right track. There are more sophisticated and secure ways
> of doing this, but your way can work. It looks like you just need to fix
> the if statement.
>
> from this:
> $_POST['txtUsername'] != $username || $_POST['txtPassword'] !=  
> $password)
> to this:
> $_POST['txtUsername'] == $username && $_POST['txtPassword'] ==  
> $password)
>
> that way you are only showing the page when BOTH $username and $password
> (hence the '&&') are equal to (hence the '==') txtUsername and
> txtPassword respectively.
>
> -Jeremy
>
> UPDATE/CORRECTION: With this change you will also need to switch the 
> order of the content in the if statement
>
> if(...){
>   // Private Content
> } else {
>   // Log in form
> }

<Mike>

> from this:
> $_POST['txtUsername'] != $username || $_POST['txtPassword'] !=  
> $password)
> to this:
> $_POST['txtUsername'] == $username && $_POST['txtPassword'] ==  
> $password)

And the difference between these two are??? They do EXACTLY the same thing.
</Mike>

Thanks for calling me on this, Mike. (and for being courteous enough to 
do it off list ;-) I was too quick to assume. There is nothing wrong 
with the sample code. It seems to work as it is supposed to. So I too am 
not sure what is really being asked.

Jeremy

More information about the UPHPU mailing list