Password protect your content with Web Page Password Protect by just adding one line of PHP code to your page source. Script will present user with password entry form, and will not let visitor see your private content without providing a password.
Multiple user accounts support, improved security, automatic logout, and manual logout feature.
Usage:
Save protect_pass.php somewhere on your server
Update it with your desired password or login/password pair. Use any plain text editor to accomplish this step. Sample editors: Notepad (Windows) or vi (Unix).
Open script in your browser with “trogiup” parameter to see the line of code to add to every page you would like to be password protected.
Example:
protect_pass.php?trogiup
It will show you protection code to include into your pages. Sample protection code would look like this (yours will be different):
<?php include("/home/bienthuy/public_html/security/protect_pass.php"); ?>
Add that line of code to each php page you would like to protect at the very beginning of the page source (it must be the first line).
For example you want to protect page protect-me.php. Open it for editing, and add the protection string (see above on how to get the protection string) at the beginning. So resulting code would look like
<?php include("/home/bienthuy/public_html/security/protect_pass.php"); ?> ... here, at the second line starts your page code ...
This is full code: protect_pass.php
<?php /* Password Protected * Shared by BienThuy.Com * www.BienThuy.Com * @ 2013. All Rights Reserved. * Add following HTML code to your page where you want to have logout link * <a href="https://www.example.com/path/to/protected/page.php?logout=1">Logout</a> * Usage: * Set usernames / passwords below between SETTINGS START and SETTINGS END. * Open it in browser with "trogiup" parameter to get the code * to add to all files being protected. * Example: protect_pass.php?trogiup * Include protection string which it gave you into every file that needs to be protected */ ################################################################## # SETTINGS START ################################################################## // Add login/password pairs below, like described above // NOTE: all rows except last must have comma "," at the end of line $LOGIN_INFORMATION = array( 'bienthuy' => 'bienthuypass', 'admin' => 'adminpass' ); // request login? true - show login and password boxes, false - password box only define('USE_USERNAME', true); // User will be redirected to this page after logout define('LOGOUT_URL', 'https://bienthuy.com/'); // time out after NN minutes of inactivity. Set to 0 to not timeout. I set this to 30 minute to automatic logout define('TIMEOUT_MINUTES', 30); // This parameter is only useful when TIMEOUT_MINUTES is not zero // true - timeout time from last activity, false - timeout time from login define('TIMEOUT_CHECK_ACTIVITY', true); ################################################################## # SETTINGS END ################################################################## /////////////////////////////////////////////////////// // do not change code below /////////////////////////////////////////////////////// // show usage example if(isset($_GET['trogiup'])) { die('Include following code into every page you would like to protect, at the very beginning (first line):<br><?php include("' . str_replace('\\','\\\\',__FILE__) . '"); ?>'); } // timeout in seconds $timeout = (TIMEOUT_MINUTES == 0 ? 0 : time() + TIMEOUT_MINUTES * 60); // logout? if(isset($_GET['logout'])) { setcookie("verify", '', $timeout, '/'); // clear password; header('Location: ' . LOGOUT_URL); exit(); } if(!function_exists('showLoginPasswordProtect')) { // show login form function showLoginPasswordProtect($error_msg) { ?> <html> <head> <title>Please enter password to access this page</title> <META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE"> <META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE"> </head> <body> <style> input { border: 1px solid black; } </style> <div style="width:500px; margin-left:auto; margin-right:auto; text-align:center"> <form method="post"> <h3>Please enter password to access this page</h3> <br> This is demo page, please enter User: bienthuy Pass: bienthuypass to login. <font color="red"><?php echo $error_msg; ?></font><br /> <?php if (USE_USERNAME) echo 'Login:<br /><input type="input" name="access_login" value="bienthuy"/><br />Password:<br />'; ?> <input type="password" name="access_password" value="bienthuypass"/><p></p><input type="submit" name="Submit" value="Submit" /> </form> <br /> <a style="font-size:9px; color: #B0B0B0; font-family: Verdana, Arial;" href="https://bienthuy.com" title="Download Password Protector">Download Password Protector</a> </div> </body> </html> <?php // stop at this point die(); } } // user provided password if (isset($_POST['access_password'])) { $login = isset($_POST['access_login']) ? $_POST['access_login'] : ''; $pass = $_POST['access_password']; if (!USE_USERNAME && !in_array($pass, $LOGIN_INFORMATION) || (USE_USERNAME && ( !array_key_exists($login, $LOGIN_INFORMATION) || $LOGIN_INFORMATION[$login] != $pass ) ) ) { showLoginPasswordProtect("Incorrect password."); } else { // set cookie if password was validated setcookie("verify", md5($login.'%'.$pass), $timeout, '/'); echo '<html> <head> <title>Please enter password to access this page</title> <META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE"> <META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE"> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> </head> <body><h1><center>You have login sucessfull. <br />Login thành công rồi, muốn cái gì ở đây thì làm thôi<br> Logout will redirect you to BienThuy.Com: <a href="/ht/protect_pass.php?logout=1">Logout</a> </center></h1></body></html>'; // Some programs (like Form1 Bilder) check $_POST array to see if parameters passed // So need to clear password protector variables unset($_POST['access_login']); unset($_POST['access_password']); unset($_POST['Submit']); } } else { // check if password cookie is set if (!isset($_COOKIE['verify'])) { showLoginPasswordProtect(""); } // check if cookie is good $found = false; foreach($LOGIN_INFORMATION as $key=>$val) { $lp = (USE_USERNAME ? $key : '') .'%'.$val; if ($_COOKIE['verify'] == md5($lp)) { $found = true; // prolong timeout if (TIMEOUT_CHECK_ACTIVITY) { setcookie("verify", md5($lp), $timeout, '/'); } break; } } if (!$found) { showLoginPasswordProtect(""); } } ?>
Demo here: https://demo.bienthuy.com/php/protect/protect_pass.php