Hello again, everybody. :D
Got another quandary.....Is there a way to password protect a link on a page, so that if, for example, I have a website that deals with some of my art, I can leave open the links for the art pages, but password protect a "Family Photos" link, so that not just anyone anywhere can see my family photos?......I've looked around a bit, but I'm still relatively new to this. Any help would be appreciated, and thanks!

That depends.
Which webserver are you running? Do you have any server-side languages? Do you have full access to the webserver and its settings?

Well, you are talking a bit over my head, but here are some specs-

Red Hat Linux 7.2, Apache
Multiple OC3 & OC12 Connections, Tier 1 Provider
FrontPage, SSI, PHP, CGI, mod-perl, Apache ASP, SSL, Web statistics, Apache ErrorDocs

I have 1gb of webspace, and 24.7gb transfer per month.

I use Plesk 7.0.4 to login and edit my website, and I have pretty much full access to everything having to do with it. If I need to change something in the actual server, I can contact my hoster, I've done some work for him in the past, so we are on good terms, he hosts me for free. I was just hoping there would be a way I could link it to a password popup thing, and if you don't type in the right password, you get booted back to the homepage.

You can, but it's not a good idea. Javascript password protection is very insecure, and when you have PHP available anyway, it's better to use that.


<?php
# security.inc.php (in the same directory as your pages)

$mypass = "yourPassGoesHere";

$prompt = <<<END

<html>
<head>
<title>Please enter password</title>
</head>
<body>
<form action="
END;

$prompt .= $_SERVER['HTTP_REFERER'];

$prompt .= <<<END
" method="post">
<input type="password" name="password"/>
<input type="submit" value="OK"/>
</form>
</body>
</html>
END;

session_start();
if(isset($_POST['password'])) {
if($_POST['password'] != $mypass) {
die(
$prompt);
} else {
session_register("password");
if($_POST['password'] == $mypass) $_SESSION['password'] = $_POST['password'];
}
} else if(!$_SESSION['password']) {
die($prompt);
}
?>


Edit as needed.

Then include it at the top of your protected .php page like so:
<?php include("security.inc.php"); ?>

Note that this way, when the user enters the password once, s/he won't have to enter it again to use any page that includes security.inc.php if s/he has cookies enabled. If you want another login for other pages, you must create another include page, and change every instance of "password" to something else.

Hi Twey

Just searched and found this thread. This is what I want but when i followed your instrction i got a parse error as follows.

Parse error: parse error, unexpected T_SL in /home/sites/patdoran.co.uk/public_html/news/security.inc.php on line 6


any ideas on whats the problem here

Works fine here... what version of PHP are you running?

Works fine here... what version of PHP are you running?


It is PHP 4.3.11

I just tried it again in case i copied it incorrectly but got the same error

Hm... try this.
<?php
# security.inc.php (in the same directory as your pages)

$mypass = "yourPassGoesHere";

function prompt() {
?>
<html>
<head>
<title>Please enter password</title>
</head>
<body>
<form action="<?php echo($_SERVER['HTTP_REFERER']); ?>" method="post">
<input type="password" name="password"/>
<input type="submit" value="OK"/>
</form>
</body>
</html>
<?php
return "";
}

session_start();
if(isset($_POST['password'])) {
if($_POST['password'] != $mypass) {
die(
$prompt);
} else {
session_register("password");
if($_POST['password'] == $mypass) $_SESSION['password'] = $_POST['password'];
}
} else if(!$_SESSION['password']) {
die(prompt());
}
?>

yup that got

thanks very much

Can always rely on you to help me out

Anyone know when here-document was introduced into PHP?

Does php.net not have that?
They're usually good about that type of thing.

Apparently not. The only reference to here-doc I can find is in the print (http://www.php.net/print) page, and it doesn't go into detail.