Hi to you all!

A

Anonymous

Guest
Hi,
Got a little PHP problem and thought this could be just the place to get an answer. :D
I made a simple password Authentication in a normal html form going on to a php doc. NP's there.
However, I've seen some of those nifty little "Login Windows" slightly resembling an alert message.
Wot are they used for? And would they possibly suit my needs (i.e. accessing a restricted web-site)?
I tried searching for authentication & access and the like but its hard to find something when you are not sure wot it is you are lookin for.
Any help would be greatly appreciated.
Cheers,
Taff
 
Hi,

I'm guessing that Your referrring to Javascript prompt boxes. These can be good but I think that the data that is sent on from them is by the GET method (I'm not sure about this but if true there would be a security hole).

If you want to do a really simple one try this:

http://javascript.internet.com/passwords/prompt.html

It's very crude but works as long as the site is not supposed to be VERY secure.

If you really do need to bear in mind security you could research the following:

session cookies

Post the form to a password checking script > if correct set a sess_id and store it in a db > at the top of each subsequent page check that the session id is in the table and if its not chuck the person out.

A further measure may be to ensure also that the user has clicked somewhere in 10 mins and make their login expire if they have not.

Using this you can stop people entering your site without logging in (if they have bookmarked a page).

Hope this helps,

Hadleigh.
 
Thx,
If you really do need to bear in mind security you could research the following:
session cookies
Post the form to a password checking script > if correct set a sess_id and store it in a db > at the top of each subsequent page check that the session id is in the table and if its not chuck the person out.
A further measure may be to ensure also that the user has clicked somewhere in 10 mins and make their login expire if they have not.
Click to expand...

There is some pretty useful stuff there! The last one i made, the user had to log in on every site which gets a bit tedious after 3 or 4. I'll look into the session cookies.

I didnt actually mean the JS prompt window, i think there is another one that comes into play when you try to enter a secure area.
I tried looking for an example, but you know how it is when you need one.....
Anyway thx for your swift reply, it proved very helpful :D

Cheers,
Taff
 
No probs,

You may then be thinking of .htaccess files. These sit in the root of your account and will require someone to enter a username and password to access a particluar folder (say poublic_html). I can't actually find one on our web server to show you I'm afraid but there'll be plenty of help out there.

Also, you might like to research getting a certificated secure server through someone like Thwart (can be expensive).

cheers,

Hadleigh.
 
Thanks again,
I'll look into it, although i think i'll stick to a simple html access for the time being, its nothing confidential really, just makes the customer feel important when i give him a password and login :D
Cheers,
Taff
 
You must log in or register to reply here.
Back
Top