
LOGIN.PHP FILE
Code: Select all
<!DOCTYPE html>
<?php
/*This file conatins the password.
The reason it is in a different files is because
this file will hold all settings (PHP variables)
for storing saved settings. No client side code. */
include('settings.php');
?>
<HTML>
<HEAD>
<script type='text/javascript'>
function openWindowWithPost(url, params, newWin){
//Changes page URL with POST parameters
var form = document.createElement('form');
form.setAttribute('method', "post");
form.setAttribute('action', url);
form.setAttribute('target', '_self');
for (var i in params){
if (params.hasOwnProperty(i)){
var input = document.createElement('input');
input.type = 'hidden';
input.name = i;
input.value = params[i];
form.appendChild(input);
if (newWin != undefined){
form.target = '_blank';
}
}
}
document.body.appendChild(form);
form.submit();
}
function login(){
//Reloads the page with the POST parameter "letmein" set as password
var params = {};
params['letmein'] = document.getElementById('pswd').value;
openWindowWithPost('Login.php', params);
}
</script>
</HEAD>
<BODY>
<?php
if (@$_POST['letmein'] != $securityWord){
//No password or invalid password
if (@$_POST['letmein'] != ''){
//If password was invalid
echo "<script type='text/javascript'>alert('Incorrect password');</script>".PHP_EOL;
}
?>
<!-- Login HTML -->
Password:
<input type='password' id='pswd' />
<button onclick='login();'>LOGIN</button>
<?php
} else {
//Password was correct. Include page that is secure.
include ('admin.php');
}
?>
</BODY>
</HTML>
Code: Select all
<?php
$securityWord = 'password';
/*This page would contain more settings but
for this example I am keeping it as basic as
possible. */
?>
Code: Select all
<?php
if (!isset($securityWord)){die('This is a secure site. Please use the login file (Login.php).');}
?>
You made it to the secure page!!!