Hey.
I'm needing a script that will basicly kick out people not logged into N+S Studios. This is sorta hard to explain.
Try logging into N+S (http://kapleenmusic.webfreehosting.net/testlogin.htm) with the username "sarah" and password "password'.
You will see it leads to a page that can be viewed if they just type it in.
If they aren't logged in, it will still let them in. Is there a script that sends them to the login page? Or maybe an error page for not being logged in?
I need one desperately.
thanks in advance-Nicolas.

This page has a very unsecure script all user names and passwords are exposed as well as the page they are directed to. You could do this securely through a server side language. If you have access to it please post what you could do it with for example php, asp, cf, etc.

I'm sorry. I don't understand.
One thing though,
When I upload a .PHP or .ASP it won't work on my site.
Like, when i put it on, it's just strings of code everywhere.
ONly HTML will work for me :/

if you can't use php (or some similar server-side language), then your only real alternative is .htaccess

otherwise, I think you're out of luck. javascript can't do it securely.

Thank you very much everyone.
Now, I have one more thing to ask...
How do I use a .HTAccess, edit it, etc??

Lol I know, I sound so noobish right now, but I'll admit, I am.

What it is http://en.wikipedia.org/wiki/Htaccess

Some tutorials that should be able to get you what you want

http://httpd.apache.org/docs/2.2/howto/auth.html
http://www.besthostratings.com/articles/htaccess-redirects.html
http://www.javascriptkit.com/howto/htaccess3.shtml
http://www.freewebmasterhelp.com/tutorials/htaccess/

Did I do this right?
.HTACCESS:
AuthUserFile C:\Documents and

Settings\myname\Desktop\Stuff\Nicolas\HTML's\login
AuthGroupFile /dev/null
AuthName EnterPassword
AuthType Basic

require user valid-user

.HTPASSWD:
sarah:$apr1$KL.0b...$EmEd5kFrJDm5jSAYXc4H40

I am confused with this.

Are you using this on a local machine? .htaccess will only work on a web server (well, it might be workable on a local computer, but I really don't have any idea about that). If you're on a local computer or network, you should be using your OS to manage access.

How do I fix this? I know nothing about WebFreeHosting except that they use Net2FTP for Online FTP. Could you leave me an email so we may talk faster/easier?
Thanks :)
oops998@gmail.com (I know it's A wierd email address)

Do you mean http://webfreehosting.net/? They seem to offer PHP, which would make this a bit simpler and user-friendly.

Well I'm not used to PHP and no nothing about it. I downloaded the/a program PHP and don't know how to use it. What should I do about the HTAccess, because I want it to block certain pages on my site not my computer. I don't really know what I'm doing and asking. Anyone that wants to be an administrator on my site and help me out can. Just email me please. The PM on DynamicDrive isn't working for me. Thanks.
-Nicolas-

__________________________________________________________________________
I enjoy helping, but I suck at it!
__________________________________________________________________________

But you probably know about as much about htaccess as you do php and I think more people here know php than htaccess so you can get more help via php.

try making a php file (anyname.php) and saving it with the following




<?php
if ( isset($_POST['username']) && isset($_POST['password'])) {
if ($_POST['username']=="carfreak" && $_POST['password']=="CHANGETHIS") {
header("Location: testlogin.htm");
}
if ($_POST['username']=="lovegirl" && $_POST['password']=="CHANGETHIS") {
header("Location: testlogin.htm");
}
if ($_POST['username']=="sample" && $_POST['password']=="CHANGETHIS") {
header("Location: nothere.htm");
}
if ($_POST['username']== && $_POST['password']=="CHANGETHIS") {
header("Location: CPANEL=304935609023q840943903258fg094et9ig0r9e.htm");
}
if ($_POST['username']== && $_POST['password']=="CHANGETHIS") {
header("Location: yay.htm");
}
}
?>
<html>
<head>
<meta http-equiv="Content-Type"
content="text/html; charset=iso-8859-1">
<meta name="GENERATOR" content="Microsoft FrontPage Express 2.0">
<title>Test-Login.html</title>
</head>
<body>
<form name="login" method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
<div align="center">
<center>
<table width="225" cellpadding="3" border="1">
<tbody>
<tr>
<td colspan="2"><font size="5"><b>Members-Only Area!</b></font></td>
</tr>
<tr>
<td>Username:</td>
<td><input type="text" name="username" size="20"></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="text" name="password" size="20"></td>
</tr>
<tr>
<td align="center" colspan="2"><input type="button" onclick="Login()" value="Login!"></td>
</tr>
</tbody>
</table>
</center>
</div>
</form>
<p align="center"><font face="arial, helvetica" size="1">Or </font><a href="http://kapleenmusic.webfreehosting.net"><font face="arial, helvetica" size="1">Register</font></a></p>
</body>
</html>

Well, the page came up and I had the login box, but I couldn't login :(
I edited the passwords, and that did nothing.
By the way, I encrypted the HTML on that page, how did you still see the code?
-[Nic]-

;236921']
By the way, I encrypted the HTML on that page, how did you still see the code?
-[Nic]-

same way the browser does. "encrypting" your source code accomplishes nothing, except slowing the page load slightly and being a mild annoyance to people who are trying to help you fix your source code.

The headers may need to be absolute (full address, http://www.site.com/page.html) try switching that. If that doesn't work please post the code as you've inputted it and a link.

"Encrypting" your source code you can't/didn't do, you changed the language (or the display mode of it I forget the actual phrasing for it). If you block the source code from being readable than no user/computer can see your web page so there is no point in having it online. If your source code is readable by the browser it will be viewable by the user, no way around that.

<?php
if ( isset($_POST['username']) && isset($_POST['password'])) {
if ($_POST['username']=="foo" && $_POST['password']=="password") {
header("Location: http://kapleenmusic.webfreehosting.net/CPANEL=304935609023q840943903258fg094et9ig0r9e.htm");
}
?>
<html>
<head>
<meta http-equiv="Content-Type"
content="text/html; charset=iso-8859-1">
<meta name="GENERATOR" content="Microsoft FrontPage Express 2.0">
<title>Test-Login.html</title>
</head>
<body>
<form name="login" method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
<div align="center">
<center>
<table width="225" cellpadding="3" border="1">
<tbody>
<tr>
<td colspan="2"><font size="5"><b>Members-Only Area!</b></font></td>
</tr>
<tr>
<td>Username:</td>
<td><input type="text" name="username" size="20"></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="text" name="password" size="20"></td>
</tr>
<tr>
<td align="center" colspan="2"><input type="button" onclick="Login()" value="Login!"></td>
</tr>
</tbody>
</table>
</center>
</div>
</form>
<p align="center"><font face="arial, helvetica" size="1">Or </font><a href="http://kapleenmusic.webfreehosting.net"><font

face="arial, helvetica" size="1">Register</font></a></p>
</body>
</html>

That's the full code, here's (http://kapleenmusic.webfreehosting.net/thisisatestyouknow.php) the link.

Your missing the second closing bracket



}
?>

should be



}
}
?>

Still didn't work :(

Ooo, You still have JS in the submit button change:



<td align="center" colspan="2"><input type="button" onclick="Login()" value="Login!"></td>


to


<td align="center" colspan="2"><input type="submit" value="Login!"></td>

File not found

Firefox can't find the file at /C:/Documents and Settings/*******/Desktop/<?php echo $_SERVER['PHP_SELF'];?>.

* Check the file name for capitalization or other typing errors.

* Check to see if the file was moved, renamed or deleted.
Wah :( The login button worked this time, but now it's going to a link I didn't add.
Now how do I fix this?
Once again, the login button worked but it's going to a link I didn't add... :(
Help appreciated. Thanks.
-[Nic]-

You don't have PHP setup locally. Put that on your server and see if it works.

Success! http://kapleenmusic.webfreehosting.net/thisisatestyouknow.php
Now, HTAccess time again. I can still access it w/o logging in :( any solutions?

Do you have control to edit the page you are forwarding the user to?

The CPanel? Yeah.

Okay, you'll need to convert it to a php file. I'll post another code for you in a bit that should do it.

I had to make it manually so I have full access to it :P
Thanks!!
:)
-[Nic]-

Cpanel code:



<?php
//If not sure use the form to get here and copy what is displayed above the fail in quotes (if the welcome is displayed you id it correctly.
echo "Copy the value in these Quotes '" . $_SERVER['HTTP_REFERER'] . "'<br />";
if ($_SERVER['HTTP_REFERER'] == "http://domain.com/directories/name.php" || $_SERVER['HTTP_REFERER'] == "http://www.domain.com/directories/name.php") {
echo "Welcome<br />";
if ($_GET['secured'] == 24) {
echo "Verified";
} else {
echo "Unverified";
}
} else {
echo "Fail";
}
?>

Form Page:



<?php
if (isset($_POST['username']) && isset($_POST['password'])) {
if ($_POST['username']=="a" && $_POST['password']=="a") {
header("Location: http://domain/directories/name.php?secured=24");
}
}
?>
<form name="login" method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
<div align="center">
<center>
<table width="225" cellpadding="3" border="1">
<tbody>
<tr>
<td colspan="2"><font size="5"><b>Members-Only Area!</b></font></td>
</tr>
<tr>
<td>Username:</td>
<td><input type="text" name="username" size="20"></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="text" name="password" size="20"></td>
</tr>
<tr>
<td align="center" colspan="2"><input type="submit" value="Login!"></td>
</tr>
</tbody>
</table>
</center>
</div>
</form>

Do I add the PHP code with the HTML code on the CPanel?
And the links in both codes, what do I change those to?
Like,

Instead of "header("Location: http://domain/directories/name.php?secured=24");" to "header("Location: http://kapleenmusic.webfreehosting.net/login.php?secured=24"); ?
And,

Like, "if ($_SERVER['HTTP_REFERER'] == "http://domain/directories/name.php" || $_SERVER['HTTP_REFERER'] == "http://www.domain.com/directories/name.php") {
to
if ($_SERVER['HTTP_REFERER'] == "http://kapleenmusic.webfreehosting.net/CPANEL=304935609023q840943903258fg094et9ig0r9e.php" || $_SERVER['HTTP_REFERER'] == "http://kapleenmusic.webfreehosting.net/CPANEL=304935609023q840943903258fg094et9ig0r9e.php") { ?

First quote yes, second quote no, copy the address that appears when you are forwarded there. It's not the page that you are on but the page that gets you there. The second address should have the www. because users/ you can access your site via http://site or http://www.site

The html goes inside where it says echo "Verified";

Delete "echo "Verified"; and put in


?>
HTML OF CPANEL GOES HERE....
<?php

They're blank when I visit them. :(
http://kapleenmusic.webfreehosting.net/thisisatestyouknow.php
http://kapleenmusic.webfreehosting.net/CPANEL=304935609023q840943903258fg094et9ig0r9e.php

You have to post the php code you are using. There is no way for anyone to obtain it without access to your server unless you post it.

CPanel:

<?php
//If not sure use the form to get here and copy what is displayed above the fail in quotes (if the welcome is displayed

you id it correctly.
echo "Copy the value in these Quotes '" . $_SERVER['HTTP_REFERER'] . "'<br />";
"; if ($_SERVER['HTTP_REFERER'] == "http://kapleenmusic.webfreehosting.net/thisisatestyouknow.php" ||

$_SERVER['HTTP_REFERER'] == "http://kapleenmusic.webfreehosting.net/thisisatestyouknow.php") { echo "Welcome
"; if ($_GET['secured'] == 24) { ?><html>

<head>
<meta http-equiv="Content-Type"
content="text/html; charset=iso-8859-1">
<title>Welcome To Your CPanel Sarah!</title>
</head>

<body>
<p align="center"><font size="7"><strong>Welcome To Your CPanel </strong><em><strong><u>Sarah!</u></strong></em></font></p>

<p align="center">|<font size="4"><strong> Request a playlist | </strong></font><a
href="editor.htm"><font size="4"><strong>Draw!</strong></font></a><font
size="4"><strong> | </strong></font><a href="music.htm"><font
size="4"><strong>Music</strong></font></a><font size="4"><strong>
| Contact Us | </strong></font><a
href="http://www.kapleenmusic.webfreehosting.net"><font size="4"><strong>Logout</strong></font></a><font
size="4"><strong> |</strong></font></p>

<p align="center"><font size="2"><strong>Your sash:</strong></font></p>

<hr>

<p align="center"><font size="1"><strong>Winning:</strong></font></p>

<table border="0" width="982">
<tr>
<td align="center"><img src="star.gif" width="57"
height="56"></td>
<td align="center"><img src="star.gif" width="57"
height="56"></td>
<td align="center"><img src="star.gif" width="57"
height="56"></td>
<td align="center"><img src="star.gif" width="57"
height="56"></td>
<td align="center"><img src="star.gif" width="57"
height="56"></td>
<td align="center"><img src="star.gif" width="57"
height="56"></td>
<td align="center">&nbsp;</td>
<td align="center">&nbsp;</td>
<td align="center">&nbsp;</td>
<td>&nbsp;</td>
</tr>
</table>
</body>
</html><?php
; } else { echo "Unverified"; } } else { echo "Fail"; } ?>
Form:

<?php
if ( isset($_POST['username']) && isset($_POST['password'])) {
if ($_POST['username']=="foo" && $_POST['password']=="password") {
"header("Location: http://kapleenmusic.webfreehosting.net/thisisatestyouknow.php?secured=24");
}
?>
<html>
<head>
<meta http-equiv="Content-Type"
content="text/html; charset=iso-8859-1">
<meta name="GENERATOR" content="Microsoft FrontPage Express 2.0">
<title>Test-Login.html</title>
</head>
<body>
<form name="login" method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
<div align="center">
<center>
<table width="225" cellpadding="3" border="1">
<tbody>
<tr>
<td colspan="2"><font size="5"><b>Members-Only Area!</b></font></td>
</tr>
<tr>
<td>Username:</td>
<td><input type="text" name="username" size="20"></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="text" name="password" size="20"></td>
</tr>
<tr>
<td align="center" colspan="2"><input type="submit" value="Login!"></td>
</tr>
</tbody>
</table>
</center>
</div>
</form>
<p align="center"><font face="arial, helvetica" size="1">Or </font><a href="http://kapleenmusic.webfreehosting.net"><font

face="arial, helvetica" size="1">Register</font></a></p>
</body>
</html>

Remove the " from the header


"header(.........

should be


header(......... (everything after the '(' is correct so keep that.

Cpanel code (your refer page is wrong here. Copy the page that is displayed when you get here from the form):

<?php
echo "Copy the value in these Quotes '" . $_SERVER['HTTP_REFERER'] . "'<br />";
if ($_SERVER['HTTP_REFERER'] == "http://kapleenmusic.webfreehosting.net/thisisatestyouknow.php" || $_SERVER['HTTP_REFERER'] =="http://www.kapleenmusic.webfreehosting.net/thisisatestyouknow.php") {
if ($_GET['secured'] == 24) {
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Welcome To Your CPanel Sarah!</title>
</head>
<body>
<p align="center"><font size="7"><strong>Welcome To Your CPanel </strong><em><strong><u>Sarah!</u></strong></em></font></p>
<p align="center">|<font size="4"><strong> Request a playlist | </strong></font><a
href="editor.htm"><font size="4"><strong>Draw!</strong></font></a><font
size="4"><strong> | </strong></font><a href="music.htm"><font
size="4"><strong>Music</strong></font></a><font size="4"><strong> | Contact Us | </strong></font><a
href="http://www.kapleenmusic.webfreehosting.net"><font size="4"><strong>Logout</strong></font></a><font
size="4"><strong> |</strong></font></p>
<p align="center"><font size="2"><strong>Your sash:</strong></font></p>
<hr>
<p align="center"><font size="1"><strong>Winning:</strong></font></p>
<table border="0" width="982">
<tr>
<td align="center"><img src="star.gif" width="57"
height="56"></td>
<td align="center"><img src="star.gif" width="57"
height="56"></td>
<td align="center"><img src="star.gif" width="57"
height="56"></td>
<td align="center"><img src="star.gif" width="57"
height="56"></td>
<td align="center"><img src="star.gif" width="57"
height="56"></td>
<td align="center"><img src="star.gif" width="57"
height="56"></td>
<td align="center">&nbsp;</td>
<td align="center">&nbsp;</td>
<td align="center">&nbsp;</td>
<td>&nbsp;</td>
</tr>
</table>
</body>
</html>
<?php
} else {
echo "Unverified"; }
} else {
echo "Fail";
}
?>

Still doesn't work, I did what you said, err, or put.

I'd have to see the code on the server email me thebluewalrus@gmail.com if you have ftp access to it.

K I will tonight. Thanks. :)
-[Nic]-

if you can't use php (or some similar server-side language), then your only real alternative is .htaccess

otherwise, I think you're out of luck. javascript can't do it securely.

It's working, and out of curiosity, do you know htaccess?

;237200']

if you can't use php (or some similar server-side language), then your only real alternative is .htaccess

otherwise, I think you're out of luck. javascript can't do it securely.
It's working, and out of curiosity, do you know htaccess?

Actually, I wrote that - I don't know who lenco12 is.

couldn't just say, off the top of my head, but I know enough to figure it out.

PHP is typically better (for user experience), though, .htaccess is just an ugly popup box that asks for a password. It's very secure, though.

Your attempt earlier (around page 2, I think) was a good start. we can look at it in more detail if you're interested.

The lenco was spamish in nature it brought up the same points already made and didn't offer anything new except a link to a movie site.

Actually, I wrote that - I don't know who lenco12 is.

couldn't just say, off the top of my head, but I know enough to figure it out.

PHP is typically better (for user experience), though, .htaccess is just an ugly popup box that asks for a password. It's very secure, though.

Your attempt earlier (around page 2, I think) was a good start. we can look at it in more detail if you're interested.

That wasn't expected :P (YOU ARE LINCO12?!?! Why didn't you tell us?)

I would like to learn HTAccess, it would be very useful, that and I'm trying PHP.
Thanks :)

Linco12 was a spammer whose post was deleted. (The post included a quote from your post.)

okay, well, now that that's sorted out.

Nicholas: this is a decent htaccess article: http://www.javascriptkit.com/howto/htaccess3.shtml

What have you tried so far? Do you have any specific questions?

I'm not sure what to put on the first line in htaccess...
I don't know what to put after "AuthUserFile".
EDIT: And "AuthName".

the "AuthUserFile" is the path to the .htpasswd file, realtive to the server. For example, your website root (www.whatever.com) is somewhere on your server's HD, like "/home/users/yourname/whatever_com/public_html/". Aside from getting the path correct, this:

AuthUserFile /usr/local/you/safedir/.htpasswd
AuthGroupFile /dev/null
AuthName EnterPassword
AuthType Basic

require valid-usershould work fine.

Your .htpasswd file should be a list of usernames/password hashes, separated by colons:

{username}:{password hash}
{otheruser}:{differenthash}
DD has a tool for creating the password hash (http://www.tools.dynamicdrive.com/password/), and there's more instructions there too.

WooHoo!

403
Permission denied.
(A.K.A. it works)
Thanks for the help everyone :)

...and I assume you can log in successfully as well? :)

Lol yeah.
Now I'm having MySQL troubles...
I'm setting up PHP Fusion on my site but it can't connect to both of my MySQL accounts.
Ex:
Database hostname: myhostname.sql**.freemysql.net
Username: nsstudios
Password: ******
Database Name: nsstudios (or) phpfusion
Table prefix: (left alone) fusion_

I click 'next' and it says it cannot connect to it. What do I do?

I'd have to see your code - one connection can't connect to both databases, but you can make two connections. Additionally, every mysql function will have to specify which connection it wants to use, or things will get mixed up.

Why don't you start a new thread in the mysql forum?

Nevermind got it working, had to use a MySQL database on my account. :)
progress: 81%
Link: http://kapleenmusic.webfreehosting.net/7-00-07/files/news.php
Trying to find out how to change the title.. :/ lol

Line 3, I think of your code, in the head of the document.


<title>PHP-Fusion Powered Website - News</title>

I know but you could do it in the admin panel somewhere.
Got it done lol.
One issue, in the Admin panel, when I go to like the Forum administration, there are drop down menus that are empty and textareas, and empty buttons, etc. I don't know what the heck is going on...