14 Replies Latest reply on Sep 22, 2015 1:12 PM by CJ Whitsett

    Dreamweaver login page

    CJ Whitsett

      I just want to make a simple login form but don't know how to make a database. Why does it have to be so complicated?

      I have just completed a conference and want to give attendees access to download the presentations. I will email them all a single password which they will enter and then hit submit to move on to the page with files for download. Why do I have to create a database to do something that seems so simple?

        • 1. Re: Dreamweaver login page
          Nancy OShea Adobe Community Professional & MVP

          You don't need a database for this.

          If your server has a C-Panel, create a password protected folder on your server.  And just put your materials inside that protected folder.  It's a no frills approach, but it gets the job done.

           

          If you have Win hosting, you may need to contact your web host to do it for you.

           

          Nancy O.

          • 2. Re: Dreamweaver login page
            Level 4

            What would prevent any of the conference attendees from simply sharing the universal username/password to someone that didn't attend the conference and gain access to download the items then? Why even have a password if you're giving the same username and password to multiple individuals? Why would you deliver the same username and password to multiple individuals insecurely via email? Does anyone that didn't attend the conference really care about the items you have available? Why not just email a link to conference attendees that directs them to a non password protected page to download items? Or... why not simply email the attachments to individuals whom you'd like to download or share the files on Google Drive or Dropbox?

             

            best,

            Shocker

            • 3. Re: Dreamweaver login page
              CJ Whitsett Level 1

              Thanks very much Nancy O. Unfortunately the cPanel login was set up by a colleague at another company and the login info she gave me isn't working. I can connect via FTP with Dreamweaver and work on the site in basic html but GoDaddy won't let me into the account to apply the solution you suggested. I'll keep trying.

              Thanks

              • 4. Re: Dreamweaver login page
                CJ Whitsett Level 1

                Thanks Shocker. Your suggestion works too. I was just trying to appear more sophisticated than that. At the end of the day I just don't want to make it easy for our competitors to access the files. If they want them bad enough they will find a way around.

                • 5. Re: Dreamweaver login page
                  Nancy OShea Adobe Community Professional & MVP

                  <the cPanel login was set up by a colleague at another company...?

                   

                  OK.  Go to Plan B.

                  Password Protection with htaccess - Htaccess Tools

                  Use .htaccess and .htpasswd files to manually create a password protected directory on your server.  You can add as many unique usernames and passwords as needed.   Again, no dbase required.

                   

                   

                  Nancy O.

                  1 person found this helpful
                  • 6. Re: Dreamweaver login page
                    CJ Whitsett Level 1

                    Nancy O,

                    Do I do this in Dreamweaver? If I make a New document do I start with HTML...PHP...txt?

                    Would the file name then look something like this - ."htaccess.php" or would it be "login.htaccess"?

                    • 7. Re: Dreamweaver login page
                      CJ Whitsett Level 1

                      <!doctype html>
                      <html>
                      <head>
                      <meta charset="utf-8">
                      <title>Document Login</title>
                      </head>

                      <body>
                      <p>AuthType Basic</p>
                      <p>AuthName "Password Protected Area"  </p>
                      <p>AuthUserFile /path/to/.htpasswd  </p>
                      <p>Require valid-user</p>
                      </body>
                      </html>

                      • 8. Re: Dreamweaver login page
                        Nancy OShea Adobe Community Professional & MVP

                        No.  Dot htaccess and dot htpasswd are plain text files.  No other file extension is required. 

                         

                        Those 2 files must be uploaded into the protected folder on your server.

                          

                        your_site.com

                          PROTECTED_FOLDER    

                                  .htaccess

                                  .htpasswd

                                  handouts.html

                                  materials.pdf

                         

                        Nancy O.

                        1 person found this helpful
                        • 9. Re: Dreamweaver login page
                          osgood_ Level 8

                          CJ Whitsett wrote:

                           

                          <!doctype html>
                          <html>
                          <head>
                          <meta charset="utf-8">
                          <title>Document Login</title>
                          </head>

                          <body>
                          <p>AuthType Basic</p>
                          <p>AuthName "Password Protected Area"  </p>
                          <p>AuthUserFile /path/to/.htpasswd  </p>
                          <p>Require valid-user</p>
                          </body>
                          </html>

                           

                          You could entertain a cheap and cheerful php in_array solution (its not the best or the most secure but in your situation it might be all you require)

                           

                          Just insert all the 'usernames' and 'passwords' in the arrays (see below). When there is s match the user gets taken to the secure_page.php

                           

                          login.php page code:

                           

                          <?php

                          session_start();

                          if(isset($_POST['submit'])) {

                          $get_username = $_POST['username'];

                          $get_password = $_POST['password'];

                          $username = array(

                          "Pink",

                          "Yellow",

                          "Green",

                          "Blue"

                          );

                          $password = array(

                          "Pig",

                          "Sun",

                          "Grass",

                          "Sky"

                          );

                          if (in_array($get_username, $username))

                          {

                          $_SESSION['$username_correct'] = true;

                          }

                          else

                          {

                          $error_username = "Match not found for username";

                          }

                          if (in_array($get_password, $password))

                          {

                          $_SESSION['$password_correct'] = true;

                          }

                          else

                          {

                          $error_password = "Match not found for password";

                          }

                          if(isset($_SESSION['$username_correct']) && isset($_SESSION['$password_correct'])) {

                          header('Location: secure_page.php');

                          }

                          }

                          ?>

                          <!DOCTYPE html>

                          <html>

                          <head>

                          <meta charset="UTF-8" />

                          <title>Login</title>

                          </head>

                           

                          <body>

                          <form name="login" method="post" action="">

                          <p>

                          <label for="username">Username<br>

                          <input type="text" name="username" value="<?php if(isset($get_username)) {echo $get_username;} ?>">

                          </label>

                          <?php if(isset($error_username)) {echo $error_username;} ?>

                          </p>

                          <p>

                          <label for="password">Password<br>

                          <input type="text" name="password" value="<?php if(isset($get_password)) {echo $get_password;} ?>">

                          </label>

                          <?php if(isset($error_password)) {echo $error_password;} ?>

                          </p>

                          <p>

                          <input type="submit" name="submit" value="login">

                          </p>

                           

                          </form>

                          </body>

                          </html>

                           

                           

                           

                           

                           

                           

                          In the secure_page.php check to make sure the $username_correct and $password_correct SESSION variabes have been set or the 'intruder' gets sent back to the login.php page

                           

                          secure_page.php

                           

                           

                          <?php

                          session_start();

                          if(!isset($_SESSION['$username_correct']) && !isset($_SESSION['$password_correct'])) {

                              header('Location: login.php');

                          }

                          ?>

                          <!DOCTYPE html>

                          <html>

                          <head>

                          <meta charset="UTF-8" />

                          <title>Secure Page</title>

                          </head>

                           

                          <body>

                           

                           

                          <h1>Secure Page</h1>

                          </body>

                          </html>

                          • 10. Re: Dreamweaver login page
                            CJ Whitsett Level 1

                            Wow, that worked like magic!

                            Thanks for all the help!!!!

                            • 11. Re: Dreamweaver login page
                              CJ Whitsett Level 1

                              Wait a minute. I can enter anything and it goes right through. I think I don't understand this part:

                               

                              In the secure_page.php check to make sure the $username_correct and $password_correct SESSION variabes have been set or the 'intruder' gets sent back to the login.php page

                               

                              secure_page.php

                              <?php

                              session_start();

                              if(!isset($_SESSION['$username_correct']) && !isset($_SESSION['$password_correct'])) {

                                  header('Location: login.php');

                              }

                               

                              Am I supposed to change the word "correct" in each place to my username and password? now sure what you mean by making sure they have been set...

                              • 12. Re: Dreamweaver login page
                                osgood_ Level 8

                                CJ Whitsett wrote:

                                 

                                Wait a minute. I can enter anything and it goes right through. I think I don't understand this part:

                                 

                                 

                                That's because the SESSION variables are still set on YOUR computer. If you shut down your browser and re-open it the SESSION variables die and you will have to provide the correct details again before being taken to the secure page. You have to remember - the SESSION variables will not be set on anyones computer who has not provided the correct details.

                                 

                                If you try and enter the secure_page directly WITHOUT the SESSION variables being set you'll be taken back to the login.php page again UNTIL the SESSION variables have been set correctly again.

                                 

                                I hope that makes some sense.

                                • 13. Re: Dreamweaver login page
                                  Level 4

                                  You're probably able to go right through because you entered a correct username/password combination first to see if it worked, which set a session for the credentials being correct and allowing you access.

                                   

                                  The session was still active and you tried a different (wrong) username and password, but since the session for the username and password was already set to allow access the first time you tired it you're allowed access afterwards even though incorrect credentials were entered afterwards in a current active session.

                                   

                                  One way to prevent this is to unset the session variables in the "else" conditions that are looking to see if the username and or password values match the values in the array.

                                   

                                  best,

                                  Shocker

                                  • 14. Re: Dreamweaver login page
                                    CJ Whitsett Level 1

                                    Thanks, that did it. I'm in business!