How do you password protect a page in Frontpage?
Hi,
I'm new to web designing and new to TWF, so I don't know if this post is in the correct forum.
I've designed a simple site using Frontpage 2003. I'm trying to make one of the pages/part of the site accessible only to certain members by allowing them to input a password in a text box, before directing them to the page(s) in question.
Does anyone know how I can do this?
Any help would be much appreciated.
Thanks,
Budgie.
Busy posted this at 08:55 — 23rd February 2006.
He has: 6,151 posts
Joined: May 2001
You've put this in server side so ideally a server side language like PHP/MYSQL (mysql being the database) or ASP/SQL on windows server, depending on what your host offers.
I have a feeling you are not wanting the database option (hope I'm wrong).
This can be done in Javascript BUT the password would be viewable in the source code. So really server side is the way to go.
You'd need a database really to keep track of the members, their id's their passwords and other information you choose.
You'd have to let us know what server side language your host supports for more of a how to in the way of code.
There other ways, like with httpd file but you don't have much control over it, you'd set the name/password and only you could change it, all this would do is allow or deny access to the page, using a login from database you can redirect people to where ever you want.
Welcome to TWF
budgie posted this at 12:54 — 23rd February 2006.
They have: 8 posts
Joined: Feb 2006
Thanks very much for your reply.
I think it's the latter that I need.
I want to set a password, which would be the same password for everyone and I need to change it periodically.
There would be a limited amount of people who need access to the protected pages, i.e. no more than 200 people. The protected pages aren't particularly sensitive - I just don't want all & sundry to have access to them.
It would be handy to know who, from the people, have accessed the pages, so I guess that they would need to input their name or email address aswell as the password.
How can I do this?
Budgie
Busy posted this at 21:00 — 23rd February 2006.
He has: 6,151 posts
Joined: May 2001
If you want to know who, then you'd need to keep record so a database is really what you need. They would just have to input name and password, you'd have other details like email on file (so to speak), problem is these people would have to sign up with the details first.
Does your host support PHP/MYSQL ?
budgie posted this at 00:03 — 24th February 2006.
They have: 8 posts
Joined: Feb 2006
Hi,
Yes, I have an option to upgrade to MySQL, PHP or CGI enabled webspace. Which do I need?
If I were compiling a database, what program do I need to do it in?
If I upgraded to any of the above, would doing the password thing be self explanatory or do I need to enter any scripts ...etc?
I really appreciate the time you've taken so far in helping me with this matter.
Budgie.
Busy posted this at 08:04 — 24th February 2006.
He has: 6,151 posts
Joined: May 2001
PHP is the server side language you'd need
MYSQL is the database
Btw the 'upgrade' shouldn't cost you anything, if so take another look at your host, these are standard features these days.
You could browse places like hotscripts.com for a registration script or could write one your self (we can help) but you need to know what details you want to store.
Basic:
username
password
email
id - will automatically be assigned
status - (1-5 so you can have 5 levels of sign up/page view options)
Advanced.
real name (first and last)
sex (m or f, not how often or anything)
last sign on date
sign up date
birthday
...
Once you have sorted out what you want in the database (can be as simple as advanced as you want) you can create the database by code or from your control panel you should have phpmyadmin or similar with you can create it from.
The PHP code needed depends how you set up your database as to what fields to call.
While your getting your host set up and wait for a reply from myself or someone else you can do a search for PHP MYSQL tutorials if you want some light reading. At first it will look scary but once you understand the basics everything will connect
budgie posted this at 15:15 — 24th February 2006.
They have: 8 posts
Joined: Feb 2006
Hiya,
Ok - I've just upgraded to CGI/PHP and MySQL. I think you're right about my host. It cost me an additional £55.73 plus VAT.
RE: the database, I need the following information from clients:
FULL NAME
EMAIL ADDRESS
NAME OF ORGANISATION
HOME ADDRESS
HOME/LANDLINE CONTACT NUMBER
MOBILE NUMBER
I've read the tutorials on my host's support pages but they seemed rather vague, so I'll continue to read up on the Internet.
I really only want something as simple as the same password for all clients. It would be more or less the same clients over and over again, with maybe around 5 new clients per month, so I guess that the existing clients wouldn't have to enter all the above info everytime they log in - just their name & password.
Busy posted this at 09:53 — 25th February 2006.
He has: 6,151 posts
Joined: May 2001
if you dont want to go thru phpmyadmin, create a page in notepad and save it as createdb.php and inside copy and paste the following:
<?php
/* start copying from here */
mysql_connect(\"localhost\",\"<strong>User</strong>\",\"<strong>Password</strong>\") or die (\" ERROR \");
mysql_select_db(\"<strong>Database</strong>\") or die (\" ERROR \");
if (mysql_query(\"CREATE TABLE <strong>database_name</strong> (
id int(4) NOT NULL auto_increment,
firstname varchar(20) NOT NULL,
lastname varchar(30) NOT NULL,
email varchar(50) NOT NULL,
organisation varchar(30) NOT NULL,
address varchar(65) NOT NULL,
ph_numer varchar(20) NOT NULL,
mob_number varchar(20) NOT NULL
) TYPE=MyISAM;\"))
{ echo \"Creating table <strong>database_name</strong> : Done\"; }
else { echo \"ERROR creating table <strong>database_name</strong> : Failed\"; }
/* stop copying here */
?>
User should be changed to your database username
password to your database password you set
database is the name of the database table you created
the database_name is the name of your database you choose
The id is an automatic number assigned to each member as they join, the number (4) will allow 9999 members, if you plan on having more than this change it to 5 or 6
The numbers in brackets are the maxlength of the items, I'm not sure what part of the world your in so things like address and ph number may be to short (here ph number are 7 digits and mob 9-12
That should take care of the database. now we need to make a html form to register, and another to login. If you know how to make a form, make one with all the options you wanted in the database (except the id one) and will show you next how to put it in the database (after some validation)
Just incase you don't understand the above (or if I made a boo boo) you could just download a ready made script from http://hotscripts.com/search/8826362.html
budgie posted this at 20:16 — 25th February 2006.
They have: 8 posts
Joined: Feb 2006
Ok - I've done that. Some of it made a bit of sense, but I wasn't entirely sure what I was supposed to call the database table and the database name. The database table is now called 'database1' which I found in the 'fpdb' folder on my computer and the database_name is now the name of my host, the same as my username which I found in account on my host's page.
I now have a file saved on my computer (amongst the other webpages) called createdb.php
I've also made a registration form and a login form in html. In the text boxes, should I be setting the 'form field properties' to match the php file? i.e. same names on the text boxes & same number of characters?
budgie posted this at 20:20 — 25th February 2006.
They have: 8 posts
Joined: Feb 2006
Sorry, to correct that - it's now the name of my host followed by my username. I'm not sure if this is right.
Busy posted this at 20:39 — 25th February 2006.
He has: 6,151 posts
Joined: May 2001
I made a slight boo boo in that code, it needs at the very bottom of the page you created (or will just display as text).
<?php
</strong> at the very top and <strong>
?>
Upload that file and point your browser to it ie: yourwebsite.not/createdb.php
The login form will only use the name and password, or email and password, which ever you prefer. make the form fields to similar or same names as databse, ie name="fname" or name="firstname".
the register form can be register.php and login form can be anything but will work with login.php
Note, you will not be able to view these (.php) pages on your computer unless you download and install a php/mysql/apache bundle.
make the action of the form the same page as it's on (register.php and login.php) and method will be post on both as well.
You can be secure or as loose as you want for the registration.
the register.php page will eventually be set out like:
submitted form validation
insert into database if all ok, send email and thank then or send to login page
display form if not been sent or error
The login page will be:
validation of submitted info (from database)
entry into a sub menu or whatever
if validation failed give error message
display form if not submitted
Sorry am a bit rushed this morning, will have to finish it tonight, or if someone else just wants to do the php part from form ie: if (trim(htmlspecialchars($_POST['fname'])) > 2)
budgie posted this at 03:53 — 26th February 2006.
They have: 8 posts
Joined: Feb 2006
Hiya,
I keep getting errors when I point the browser to the php file.
Firstly the errors comprised of unexpected '[' (or something like that) on line 19 (I think) and then unexpected '/b' on line 3 ...etc.
I've corrected these, but now the form just returns the Error message and nothing else.
Is there a really simple code that I could use with just a username and a predetermined password, just so I could try it out?
I've had a look on Hotscripts as you suggested, but I don't really want the forms ..etc that display the adverts.
Sorry about all this. I realise you're "Busy".
Busy posted this at 09:50 — 26th February 2006.
He has: 6,151 posts
Joined: May 2001
Sorry that is my fault, the User should of been bold, I didn't check it (bad habit of that).
replace the User with your username you set the database up with, same for password and the others.
You need to set up the database first before you can use the login form (it need somewhere to check from).
I'm sorry I'm going to have to put you off again, has been really long day and is past my bedtime already, I am stuffed and have another long day tomorrow.
I promise I'll give you some code tomorrow, if I don't have time to write it out (and explain it) I'll grab one from hotscripts and take the form etc out of it and post the code to use with instructions.
I often live up to my nickname
Busy posted this at 09:33 — 27th February 2006.
He has: 6,151 posts
Joined: May 2001
Ok I have run out of time again but have thrown together some code for you, I haven't tested it so it will either work or will give an error, try it and see.
The validation is basic but should be enough for your friends, you may want to adjust the length (number besides the less than signs) to suit your needs.
You need two pages, register.php and login.php
register.php
<?php
$_POST['action'] = isSet($_POST['action']) ? $_POST['action'] : '';
if($_POST['action'] == 'first')
{
$_POST['fname'] = trim(htmlspecialchars($_POST['fname']));
if((empty($_POST['fname'])) || (strlen($_POST['fname'])< '2'))
{
$err=1;
$the_errors .= \"<b>First name:</b> Must be more than 2 characters/digits long<br />\";
}
$_POST['lname'] = trim(htmlspecialchars($_POST['lname']));
if((empty($_POST['lname'])) || (strlen($_POST['lname'])< '2'))
{
$err=1;
$the_errors .= \"<b>Last name:</b> Must be more than 2 characters/digits long<br />\";
}
$_POST['email'] = trim($_POST['email']);
if((strlen($_POST['email'])<5) || (empty($_POST['email'])))
{
$err=1;
$the_errors .= \"<b>Email:</b> Please enter a valid email address.<br />\";
}
elseif(!eregi(\"^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+([\.][a-z0-9-]+)+$\",$_POST['email']))
{
$err = 1;
$the_errors .= \"<b>Email:</b> Please enter a valid email address.<br />\";
}
$_POST['orga'] = trim(htmlspecialchars($_POST['orga']));
if((empty($_POST['orga'])) || (strlen($_POST['orga'])< '2'))
{
$err=1;
$the_errors .= \"<b>Organisation:</b> Must be more than 2 characters/digits long<br />\";
}
$_POST['addy'] = trim(htmlspecialchars($_POST['addy']));
if((empty($_POST['addy'])) || (strlen($_POST['addy'])< '10'))
{
$err=1;
$the_errors .= \"<b>Postal address:</b> Must be more than 10 characters/digits long<br />\";
}
$_POST['phnum'] = trim(htmlspecialchars($_POST['phnum']));
if((empty($_POST['phnum'])) || (strlen($_POST['phnum'])< '8'))
{
$err=1;
$the_errors .= \"<b>Phone Number:</b> Must be more than 8 digits long<br />\";
}
$_POST['mobnum'] = trim(htmlspecialchars($_POST['mobnum']));
if((empty($_POST['mobnum'])) || (strlen($_POST['mobnum'])< '8'))
{
$err=1;
$the_errors .= \"<b>Postal address:</b> Must be more than 8 characters/digits long<br />\";
}
if($err == 0)
{
/*change User, Password and Database to what you set your database up with */
mysql_connect(\"localhost\",\"User\",\"Password\") or die (\" ERROR \");
mysql_select_db(\"Database\") or die (\" ERROR \");
/* change database name to yoru database name */
$sql=\"INSERT INTO databasename (firstname, lastname, email, organisation, address, ph_number, mob_number)
VALUES ('\". Addslashes($_POST[fname]).\"', '\". Addslashes($_POST[lname]).\"', '\". Addslashes($_POST[fname]).\"', '\".
Addslashes($_POST[email]).\"', '\". Addslashes($_POST[orga]).\"', '\". Addslashes($_POST[addy]).\"', '\". Addslashes($_POST[phnum]).\"', '\".
Addslashes($_POST[mobnum]).\"')\";
$res=mysql_query ($sql);
if ($res==0)
{
$err=1;
echo $sql .\"<br />\";
}
}
}
if(($_POST['action'] == '') || ($_POST['action'] == 'first' && $err))
{
<form name=\"registration\" action=\"register.php\" method=\"post\">
<input type=\"hidden\" name=\"action\" value=\"first\" />
First name <input tyep=\"text\" name=\"fname\" />
Last name <input type=\"text\" name=\"lname\" />
Email <input tyep=\"text\" name=\"email\" />
Organisation <input tyep=\"text\" name=\"orga\" />
Postal address <input tyep=\"text\" name=\"addy\" />
Phone number <input tyep=\"text\" name=\"phnum\" />
Mobile phone <input tyep=\"text\" name=\"mobnum\" />
<input type=\"submit\" value=\" Register Me \" />
}
if($_POST['action'] == 'first' && !$err)
{
<div class=\"title\">Your registration has been successful.</div>
<div align=\"center\">
<br />
Thank you for joining my site and becoming our newest member.<br /><br />
A confirmation email has been sent to: <em>=$email</em><br /><br />
You can login <a href=\"login.php\">here at any time</a>.<br />
</div>
}
?>
login.php
<?php
if($_POST['dowhat'] == 'login')
{
/*change User, Password and Database to what you set your database up with */
mysql_connect(\"localhost\",\"User\",\"Password\") or die (\" ERROR \");
mysql_select_db(\"Database\") or die (\" ERROR \");
$username = addslashes($_POST['username']);
$password = addslashes($_POST['password']);
/* change database name to yoru database name */
$query = \"select username,password from databasename where nick='\".$username.\"' AND password='\".$password.\"'\";
$res = mysql_query($query);
if(mysql_num_rows($res) == 0)
{
$err=1;
echo \"Login incorrect\";
// exit;
}
/* change the index.php to the page you want them to see or attach the page here and remove the following line but leave the exit; */
Header(\"Location: index.php\");
exit;
}
<form name=\"user_login\" action=\"login.php\" method=\"post\">
<input type=\"text\" name=\"username\" size=\"20\" maxlength=\"20\" />
<input type=\"password\" name=\"password\" size=\"20\" maxlength=\"20\" />
<input type=\"hidden\" name=\"dowhat\" value=\"login\" />
<input type=\"submit\" name=\"\" value=\"Login\" />
?>
Busy posted this at 09:39 — 27th February 2006.
He has: 6,151 posts
Joined: May 2001
in the code there are a couple of comments (comments look like /* and */ there are in orange above)
they tell you which parts to change, they are your username, password and database names you used to set your database up with.
Also at end of login page you need to define another page or put the page you want them to see there.
Now this code is only basic, and there is a lot more you can do (like encrypt the password, count how many login attempts ....) but sadly time hasn't been on my side of late.
If you have a whole section where you will allow people to view after logging in you will need a cookie to keep track of the login so are not asked each time they login.
budgie posted this at 23:07 — 27th February 2006.
They have: 8 posts
Joined: Feb 2006
Hiya,
I really appreciate that. Thanks for taking the time to do it.
I'm going to be a bit busy myself over the next couple of days with work, so I'll sort it out as soon as I get chance to and I'll let you know what happens.
Thanks again,
Budgie.
Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.