•
•
•
•
What is DaniWeb IT Discussion Community?
You're currently browsing the PHP section within the Web Development category of DaniWeb, a massive community of 391,661 software developers, web developers, Internet marketers, and tech gurus who are all enthusiastic about making contacts, networking, and learning from each other. In fact, there are 2,844 IT professionals currently interacting right now! Registration is free, only takes a minute and lets you enjoy all of the interactive features of the site.
Please support our PHP advertiser: Lunarpages PHP Web Hosting
Views: 1083 | Replies: 3
 |
•
•
Join Date: Jan 2007
Location: Philippines
Posts: 8
Reputation: 
Rep Power: 0
Solved Threads: 0
Newbie Poster
Password Protecting the add page I'm using an html form to add to a list, specifically a flatfile database called demo3.txt. The add.php file is this:
The form code looks like this:
I haven't uploaded the codes to the site yet because I was thinking that people might be able to access the form.html page and they might mess up the flatfile database. Is there anything I can do to secure the form.html page so that only people with a password can access it?
For example, if I want to set-up an admin login page, how do I code that with php? Do I need to work with a MySQL database? If there's a way to do it without using MySQL, I'd really appreciate it.
Thanks to people who'll help, if the question isn't clear, please tell me so I could clear things up, I'd really appreciate help on this. Thanks!
<?php
$name = $_POST['name'];
$nickname = $_POST['nickname'];
$motto = $_POST['motto'];
$fp = fopen("demo3.txt","a");
if(!$fp) {
echo 'Error: Cannot open file.';
exit;
}
fwrite($fp, "\r\n".$name."|".$nickname."|".$motto);
echo 'The data has been added to the database. <a href="form.html">Add more?</a>';
fclose($fp);
?>The form code looks like this:
<form action="add.php" method="post"> <label>Member name:</label><input type="text" name="name" size="20"><br> <label>Nickname:</label><input type="text" name="nickname" size="20"><br> <label>Motto:</label><textarea name="motto" rows="5" cols="50"></textarea><br> <input type="submit" value="Add to List"> <input type="reset" value="Clear Form"> </form>
I haven't uploaded the codes to the site yet because I was thinking that people might be able to access the form.html page and they might mess up the flatfile database. Is there anything I can do to secure the form.html page so that only people with a password can access it?
For example, if I want to set-up an admin login page, how do I code that with php? Do I need to work with a MySQL database? If there's a way to do it without using MySQL, I'd really appreciate it.
Thanks to people who'll help, if the question isn't clear, please tell me so I could clear things up, I'd really appreciate help on this. Thanks!
•
•
Join Date: Oct 2006
Location: Sofia, Bulgaria
Posts: 135
Reputation:
Rep Power: 2
Solved Threads: 7
Junior Poster
•
•
•
•
Originally Posted by kanaku 
I'm using an html form to add to a list, specifically a flatfile database called demo3.txt. The add.php file is this:
<?php $name = $_POST['name']; $nickname = $_POST['nickname']; $motto = $_POST['motto']; $fp = fopen("demo3.txt","a"); if(!$fp) { echo 'Error: Cannot open file.'; exit; } fwrite($fp, "\r\n".$name."|".$nickname."|".$motto); echo 'The data has been added to the database. <a href="form.html">Add more?</a>'; fclose($fp); ?>
The form code looks like this:
<form action="add.php" method="post"> <label>Member name:</label><input type="text" name="name" size="20"><br> <label>Nickname:</label><input type="text" name="nickname" size="20"><br> <label>Motto:</label><textarea name="motto" rows="5" cols="50"></textarea><br> <input type="submit" value="Add to List"> <input type="reset" value="Clear Form"> </form>
I haven't uploaded the codes to the site yet because I was thinking that people might be able to access the form.html page and they might mess up the flatfile database. Is there anything I can do to secure the form.html page so that only people with a password can access it?
For example, if I want to set-up an admin login page, how do I code that with php? Do I need to work with a MySQL database? If there's a way to do it without using MySQL, I'd really appreciate it.
Thanks to people who'll help, if the question isn't clear, please tell me so I could clear things up, I'd really appreciate help on this. Thanks!
Normally if you try to access the anypage.php via http, where the php engine is working on the server, the PHP code gets parsed and does not print in the html source. So if you're worried if it can be easily read using the browser...if everything is OK, it should not be that easy.
Still if you want to create a simple mechanism for securing a directory in the webserver, then you can read the help on your server. About Apache services, stick to instructions how to use .htaccess files to protect directory contents.
If you need advanced login page, where multiple users will register, login, etc. - You should use a database of some sort, like MySQL for example.
•
•
Join Date: Mar 2004
Posts: 715
Reputation:
Rep Power: 6
Solved Threads: 28
Master Poster
If you're the only one that needs access, I'd say put the file in a separate directory and use an htaccess file.
•
•
Join Date: Jan 2007
Location: Philippines
Posts: 8
Reputation:
Rep Power: 0
Solved Threads: 0
Newbie Poster
•
•
•
•
Originally Posted by Phaelax
If you're the only one that needs access, I'd say put the file in a separate directory and use an htaccess file.
OK. Thanks, I think this is the one I need. :cheesy:
|
•
•
•
•
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
•
•
•
•
•
•
•
•
DaniWeb PHP Marketplace
Linear Mode
- Updated : Simple ASP.Net Login Page (ASP.NET)
- password protecting (HTML and CSS)
- Access Sub switchboard password protection (Visual Basic 4 / 5 / 6)
Other Threads in the PHP Forum
- Previous Thread: echo not working
- Next Thread: How to insert text formatting options and smiley tags in website
