.htaccess Password Protection
Even without using mySQl, users can still password protect their files through .htaccess password protection.
The code can be divided into 3 if-else statements:
1. If the user has not been validated, use the PHP header and request for a username and password.
2. Else, if the user’s name is “webworld” and the password is “webworld”, log in. Here, all the code for the user will be placed.
3. Else say the user/password failed.
//1st part
if (!isset($PHP_AUTH_USER))
{
header("WWW-Authenticate: Basic realm=\"webworld Password.\"");
Header("HTTP/1.0 401 Unauthorized");
exit;
}
//2nd part
else if(($PHP_AUTH_USER=="webworld") && ($PHP_AUTH_PW=="webworld"))
{
echo "You are logged in...";
//put the code for the whole user page in here
//you can also create a redirect to the user page if you want
}
//3rd part
else
{
echo "
//fail try again
}
?>
Remember that the username and password will remain for the whole session as long as explorer windows is open.