Password Protected Page Login Script

**nerd** · 09-06-2012, 06:18 AM

I've seen a lot of login scripts with page password protection but not what I need.
I hope someone here has come across one or has one available.

I need a customer to login with a username & password that connects them to their password protected page.
Each user name and password goes to a different page and each page is a php page that needs to be password protected (I'll be the only one creating new users)
I also want a forgot password? feature if possible but not necessary.

I'll redesign the login form to match the site design.

Let me know if you can help, Thanks!

**djr33** · 09-06-2012, 06:38 AM

This is probably something you'd need to program yourself. It shouldn't be too difficult, although if the data is especially private then you should be very careful that it is secure. For that reason, it's important to read some tutorials and recommendations, but that doesn't make it hard to do necessarily, just that there are some details you wouldn't know about if you haven't done this before.

A "Forgot password?" link is actually pretty complicated. If you store the password in the database, then you could send it to their email. But often that doesn't feel secure (or actually isn't secure), so I'd recommend against it.
Most better designed systems use a "hash" method anyway, where the actual password is never stored (you can't even figure it out looking at the database); rather an algorithm like md5 or sha1 (easily available in PHP) will do one-way encryption-- create a sequence of letters and numbers that corresponds to the password, but can't be unencoded-- that's why it's secure. Then when someone logs in, you simply use md5 or sha1 again to see if they entered the same password (eg, if the two encoded versions match, then the input/raw versions also matched), and you can still log them in.
If you're using that method (I'd recommend it) you can't give them their password. There are two options: 1) reset their password to some random value and email that (probably with a later option to set a password of their choice); or 2) allow them to reset their password after clicking a link with a special code to verify that they own the account/email.

Note: for a smaller project, a simple alternative is just a "contact us" page, where they can ask about problems with their account-- then if they seem to be able to receive/send emails from that account, you can manually reset the account-- it shouldn't happen too often. Of course I'd only recommend this for a generally small site (so you don't have too much work) and if it isn't meant to be especially secure (eg, not a bank!).

There will be plenty of tutorials/information online for both parts. Alternatively if that just sounds like too much, you could look into hiring someone to build this for you. For an experienced PHP programmer, this wouldn't be a particularly difficult project and you wouldn't need to worry so much about whether you're "doing it right". (But I do think this is a very possible project for someone new to PHP, it just takes some time and care.)

**nerd** · 09-06-2012, 06:53 AM

Thanks for your response DJR33.

After reading your answer I've decided not to move forward with the forgot password part of the script.

Let me know if you would build this and send me your price and If you would I will also like to submit what I want the login form to look like so it's done along with the script font size, font style, size etc...

Thanks!

**djr33** · 09-06-2012, 07:06 AM

I'm completely unavailable at the moment due to time (grad school!), but if you post this in the "paid work requests" area, I'm sure someone will see it. This is a very reasonable script to take on for someone with experience.

The "Forgot Password" part isn't unreasonable either, especially if you're considering hiring someone to do it. But in terms of work, that part in itself is about equal to the rest of the login system as a whole. It's up to you-- it's a nice feature, but a little complicated

**nerd** · 09-06-2012, 07:08 AM

DJR33 Thanks Again.

I'll put the details together and post it in the "paid work requests" soon.

Thanks for taking the time to respond with Grad School! Good Luck!