PDA

View Full Version : Help with a Password Box to redirect users to another page



ValicornTheAlicorn
03-19-2013, 11:48 AM
I want to make a website which contains nothing except:

"Welcome...Please Insert Your Password To Continue! Password: ________________"

I have found a script which seems to make something similar to what i want, but it only seems to give me the 'Login' button, im using Microsoft Expression Web, here is the code which i copied from another Password/User thread.


<html>
<HEAD>
<SCRIPT LANGUAGE="JavaScript">
function LogIn(){
loggedin=false;
username="";
password="";
username=prompt("Username:","");
username=username.toLowerCase();
password=prompt("Password:","");
password=password.toLowerCase();
if (username=="guest" && password=="login") {
loggedin=true;
window.location="home-page.html";
}
if (username=="guest2" && password=="login2") {
loggedin=true;
window.location="home-page2.html";
}
if (loggedin==false) {
alert("Invalid login!");
}
}
</SCRIPT>
<BODY>
<center>
<form><input type=button value="Login!" onClick="LogIn()"></form>
</center>
</body>
</html>


As i said, it only seems to give me a button with 'Login' and nothing else...i hope someone would please be able to guide be into making a password lock which will ONLY have Password, and not username...as the only people who would access the website would be about 3 people, and we would all have the same password.

Thanks Guys!

EDIT: I have played around with the code and have found that the first "If Username=... Password=..." will redirect me, whereas the second will give me invalid login...can someone please post a correct code to create just a password box in order to take me to another site, and if someone tried to type the URL for the second website, it would take them to the login site.

If anyone can actually understand what im asking for (as ive asked multiple people i know in reality and they dont seem to understand... -_-) please help

Beverleyh
03-19-2013, 02:34 PM
Javascript is very insecure - you can just view the source code to grab the password - so it will be best to use a server-side language, such as PHP.

Very simple example...

"admin-login.php" (include the PHP and HTML)

<?php

session_start(); // must go right at the top of the page - to track login

$logins = array('myUsername' => 'myPassword'); // your username and password

if($_POST['Submit'] == 'Submit') { // check for form submit
$user = $_POST['user'];
$pass = $_POST['pass'];
if (isset($logins[$user]) && ($logins[$user] == $pass)) { // check login and compare credentials
$_SESSION['username'] = $user; // set the session
header('Location: another-page.php'); // redirect to protected page
}
}
?>
<form name="loginform" method="post" action="admin-login.php">
Username :<input type="text" name="user" /><br />
Password :<input type="text" name="pass" /><br />
<input type="submit" name="Submit" value="Submit" />
</form>



Then in your protected page...

"another-page.php"
<?php

session_start(); // must go right at the top of the page - to track login

if($_SESSION['username']) { // check that session
if($_POST['Logout'] == 'Logout') { // check for form submit
session_destroy(); // destroy the session to logout
header('Location: admin-login.php'); // redirect back to login page
}
?>

<!-- START - put all your content to be protected here -->
Another page.
<br/><br/>
<form name="logout" method="post" action="another-page.php">
<input type="submit" name="Logout" value="Logout" />
</form>
<!-- END - put all your content to be protected here -->

<?php } else {
echo "Access Denied";
header('Location: admin-login.php'); // redirect back to login page
}
?>I've included a logout button for your convenience.



If you want to carry the login session across other pages of your website you must include
<?php session_start(); ?>right at the top and end with the .php extension too

Beverleyh
03-19-2013, 02:50 PM
PS - to change the form into a password-only field, you could just do;
<form name="loginform" method="post" action="admin-login.php">
<input type="hidden" name="user" value="myUsername" />
Password :<input type="text" name="pass" /><br />
<input type="submit" name="Submit" value="Submit" />
</form>The value="myUsername" should match the username in the $logins array.

Beverleyh
03-19-2013, 05:43 PM
And a further afterthough...

If you want, you can use the $logins array for multiple users too - each with their own username and password. Just do this;

$logins = array( // your usernames and passwords - in pairs
'myUsername' => 'myPassword',
'Bobby' => 'bibbityboo',
'Garfield' => 'rascalcat',
'Jimbo' => 'squeakyplane' // IMPORTANT - no comma after last pair
);

joedvl
11-17-2015, 07:08 PM
Is there any way to use the code you posted in order to redirect users to a different page? I'm trying to accomplish this by using one button rather than multiple links.

Beverleyh
11-17-2015, 08:02 PM
I'm not sure what you mean. There is this line in the code that redirects users to a different page
header('Location: another-page.php'); // redirect to protected page

And the login form has only one button. No links.

alienabbb
12-04-2015, 02:21 PM
Hi BeverleyH - thanks, this is what I was looking for, almost :) I need a script that helps me 'password' protect a page ... use case is that the user gets a special code that he can use to access a page ... so I don't need the username

I think this part of the script needs to be changed ... How? comments bellow... THANKS!

$logins = array(// your username and password

'user1' => '1111',
'user2' => '2222',
'user3' => '1234');

if($_POST['Submit'] == 'Submit') {

$user = $_POST['user']; //can I get rid of this?
$pass = $_POST['pass'];

if (isset($logins[$user]) && ($logins[$user] == $pass)) { // check login and compare credentials //can I change it to this ... if (isset($logins[$pass] && ($logins[$pass] == $pass))

$_SESSION['username'] = $user; // I'm not sure I can get rid of this or change it to pass
header('Location: members.php');


I'm not sure what you mean. There is this line in the code that redirects users to a different page
header('Location: another-page.php'); // redirect to protected page

And the login form has only one button. No links.

Beverleyh
12-04-2015, 04:03 PM
Have you tried your suggestions/changes out? What happened? Or use the previously suggested password-only workaround (set every username as the same thing) http://www.dynamicdrive.com/forums/showthread.php?73247-Help-with-a-Password-Box-to-redirect-users-to-another-page&p=292191#post292191

erictran
12-07-2015, 04:41 PM
Javascript is very insecure - you can just view the source code to grab the password - so it will be best to use a server-side language, such as PHP.

Very simple example...

"admin-login.php" (include the PHP and HTML)

<?php

session_start(); // must go right at the top of the page - to track login

$logins = array('myUsername' => 'myPassword'); // your username and password

if($_POST['Submit'] == 'Submit') { // check for form submit
$user = $_POST['user'];
$pass = $_POST['pass'];
if (isset($logins[$user]) && ($logins[$user] == $pass)) { // check login and compare credentials
$_SESSION['username'] = $user; // set the session
header('Location: another-page.php'); // redirect to protected page
}
}
?>
<form name="loginform" method="post" action="admin-login.php">
Username :<input type="text" name="user" /><br />
Password :<input type="text" name="pass" /><br />
<input type="submit" name="Submit" value="Submit" />
</form>



Then in your protected page...

"another-page.php"
<?php

session_start(); // must go right at the top of the page - to track login

if($_SESSION['username']) { // check that session
if($_POST['Logout'] == 'Logout') { // check for form submit
session_destroy(); // destroy the session to logout
header('Location: admin-login.php'); // redirect back to login page
}
?>

<!-- START - put all your content to be protected here -->
Another page.
<br/><br/>
<form name="logout" method="post" action="another-page.php">
<input type="submit" name="Logout" value="Logout" />
</form>
<!-- END - put all your content to be protected here -->

<?php } else {
echo "Access Denied";
header('Location: admin-login.php'); // redirect back to login page
}
?>I've included a logout button for your convenience.



If you want to carry the login session across other pages of your website you must include
<?php session_start(); ?>right at the top and end with the .php extension too

Thank you, this solution worked for me!