How do you password protect a page in Frontpage?

They have: 8 posts

Joined: Feb 2006

Hi,

I'm new to web designing and new to TWF, so I don't know if this post is in the correct forum.

I've designed a simple site using Frontpage 2003. I'm trying to make one of the pages/part of the site accessible only to certain members by allowing them to input a password in a text box, before directing them to the page(s) in question.

Does anyone know how I can do this?

Any help would be much appreciated.

Thanks,

Budgie.

Busy's picture

He has: 6,151 posts

Joined: May 2001

You've put this in server side so ideally a server side language like PHP/MYSQL (mysql being the database) or ASP/SQL on windows server, depending on what your host offers.

I have a feeling you are not wanting the database option (hope I'm wrong).
This can be done in Javascript BUT the password would be viewable in the source code. So really server side is the way to go.

You'd need a database really to keep track of the members, their id's their passwords and other information you choose.
You'd have to let us know what server side language your host supports for more of a how to in the way of code.

There other ways, like with httpd file but you don't have much control over it, you'd set the name/password and only you could change it, all this would do is allow or deny access to the page, using a login from database you can redirect people to where ever you want.

Welcome to TWF

They have: 8 posts

Joined: Feb 2006

Thanks very much for your reply.

I think it's the latter that I need.

I want to set a password, which would be the same password for everyone and I need to change it periodically.

There would be a limited amount of people who need access to the protected pages, i.e. no more than 200 people. The protected pages aren't particularly sensitive - I just don't want all & sundry to have access to them.

It would be handy to know who, from the people, have accessed the pages, so I guess that they would need to input their name or email address aswell as the password.

How can I do this?

Budgie

Busy's picture

He has: 6,151 posts

Joined: May 2001

If you want to know who, then you'd need to keep record so a database is really what you need. They would just have to input name and password, you'd have other details like email on file (so to speak), problem is these people would have to sign up with the details first.
Does your host support PHP/MYSQL ?

They have: 8 posts

Joined: Feb 2006

Hi,

Yes, I have an option to upgrade to MySQL, PHP or CGI enabled webspace. Which do I need?

If I were compiling a database, what program do I need to do it in?

If I upgraded to any of the above, would doing the password thing be self explanatory or do I need to enter any scripts ...etc?

I really appreciate the time you've taken so far in helping me with this matter.

Budgie.

Busy's picture

He has: 6,151 posts

Joined: May 2001

PHP is the server side language you'd need
MYSQL is the database

Btw the 'upgrade' shouldn't cost you anything, if so take another look at your host, these are standard features these days.

You could browse places like hotscripts.com for a registration script or could write one your self (we can help) but you need to know what details you want to store.

Basic:
username
password
email
id - will automatically be assigned
status - (1-5 so you can have 5 levels of sign up/page view options)

Advanced.
real name (first and last)
sex (m or f, not how often or anything)
last sign on date
sign up date
birthday
...

Once you have sorted out what you want in the database (can be as simple as advanced as you want) you can create the database by code or from your control panel you should have phpmyadmin or similar with you can create it from.
The PHP code needed depends how you set up your database as to what fields to call.

While your getting your host set up and wait for a reply from myself or someone else you can do a search for PHP MYSQL tutorials if you want some light reading. At first it will look scary but once you understand the basics everything will connect

They have: 8 posts

Joined: Feb 2006

Hiya,

Ok - I've just upgraded to CGI/PHP and MySQL. I think you're right about my host. It cost me an additional £55.73 plus VAT.

RE: the database, I need the following information from clients:

FULL NAME
EMAIL ADDRESS
NAME OF ORGANISATION
HOME ADDRESS
HOME/LANDLINE CONTACT NUMBER
MOBILE NUMBER

I've read the tutorials on my host's support pages but they seemed rather vague, so I'll continue to read up on the Internet.

I really only want something as simple as the same password for all clients. It would be more or less the same clients over and over again, with maybe around 5 new clients per month, so I guess that the existing clients wouldn't have to enter all the above info everytime they log in - just their name & password.

Busy's picture

He has: 6,151 posts

Joined: May 2001

if you dont want to go thru phpmyadmin, create a page in notepad and save it as createdb.php and inside copy and paste the following:

<?php
/* start copying from here */

mysql_connect(\"localhost\",\"<strong>User</strong>\",\"<strong>Password</strong>\") or die (\" ERROR \");
mysql_select_db(\"<strong>Database</strong>\") or die (\" ERROR \");

if (mysql_query(\"CREATE TABLE <strong>database_name</strong> (
  id int(4) NOT NULL auto_increment,
  firstname varchar(20) NOT NULL,
  lastname varchar(30) NOT NULL,
  email varchar(50) NOT NULL,
  organisation varchar(30) NOT NULL,
  address varchar(65) NOT NULL,
  ph_numer varchar(20) NOT NULL,
  mob_number varchar(20) NOT NULL
) TYPE=MyISAM;\"))
{ echo \"Creating table <strong>database_name</strong> : Done\"; }
else { echo \"ERROR creating table <strong>database_name</strong> : Failed\"; }

/* stop copying here */
?>

User should be changed to your database username
password to your database password you set
database is the name of the database table you created
the database_name is the name of your database you choose
The id is an automatic number assigned to each member as they join, the number (4) will allow 9999 members, if you plan on having more than this change it to 5 or 6
The numbers in brackets are the maxlength of the items, I'm not sure what part of the world your in so things like address and ph number may be to short (here ph number are 7 digits and mob 9-12

That should take care of the database. now we need to make a html form to register, and another to login. If you know how to make a form, make one with all the options you wanted in the database (except the id one) and will show you next how to put it in the database (after some validation)

Just incase you don't understand the above (or if I made a boo boo) you could just download a ready made script from http://hotscripts.com/search/8826362.html

They have: 8 posts

Joined: Feb 2006

Ok - I've done that. Some of it made a bit of sense, but I wasn't entirely sure what I was supposed to call the database table and the database name. The database table is now called 'database1' which I found in the 'fpdb' folder on my computer and the database_name is now the name of my host, the same as my username which I found in account on my host's page.

I now have a file saved on my computer (amongst the other webpages) called createdb.php

I've also made a registration form and a login form in html. In the text boxes, should I be setting the 'form field properties' to match the php file? i.e. same names on the text boxes & same number of characters?

They have: 8 posts

Joined: Feb 2006

Quote: the database_name is now the name of my host, the same as my username

Sorry, to correct that - it's now the name of my host followed by my username. I'm not sure if this is right.

Busy's picture

He has: 6,151 posts

Joined: May 2001

I made a slight boo boo in that code, it needs

<?php
</strong> at the very top and <strong>
?>
at the very bottom of the page you created (or will just display as text).
Upload that file and point your browser to it ie: yourwebsite.not/createdb.php

The login form will only use the name and password, or email and password, which ever you prefer. make the form fields to similar or same names as databse, ie name="fname" or name="firstname".

the register form can be register.php and login form can be anything but will work with login.php
Note, you will not be able to view these (.php) pages on your computer unless you download and install a php/mysql/apache bundle.

make the action of the form the same page as it's on (register.php and login.php) and method will be post on both as well.

You can be secure or as loose as you want for the registration.

the register.php page will eventually be set out like:

submitted form validation
insert into database if all ok, send email and thank then or send to login page
display form if not been sent or error

The login page will be:

validation of submitted info (from database)
entry into a sub menu or whatever
if validation failed give error message
display form if not submitted

Sorry am a bit rushed this morning, will have to finish it tonight, or if someone else just wants to do the php part from form ie: if (trim(htmlspecialchars($_POST['fname'])) > 2)

They have: 8 posts

Joined: Feb 2006

Hiya,

I keep getting errors when I point the browser to the php file.
Firstly the errors comprised of unexpected '[' (or something like that) on line 19 (I think) and then unexpected '/b' on line 3 ...etc.

I've corrected these, but now the form just returns the Error message and nothing else.

Is there a really simple code that I could use with just a username and a predetermined password, just so I could try it out?

I've had a look on Hotscripts as you suggested, but I don't really want the forms ..etc that display the adverts.

Sorry about all this. I realise you're "Busy".

Busy's picture

He has: 6,151 posts

Joined: May 2001

Sorry that is my fault, the User should of been bold, I didn't check it (bad habit of that).
replace the User with your username you set the database up with, same for password and the others.

You need to set up the database first before you can use the login form (it need somewhere to check from).

I'm sorry I'm going to have to put you off again, has been really long day and is past my bedtime already, I am stuffed and have another long day tomorrow.
I promise I'll give you some code tomorrow, if I don't have time to write it out (and explain it) I'll grab one from hotscripts and take the form etc out of it and post the code to use with instructions.

I often live up to my nickname

Busy's picture

He has: 6,151 posts

Joined: May 2001

Ok I have run out of time again but have thrown together some code for you, I haven't tested it so it will either work or will give an error, try it and see.
The validation is basic but should be enough for your friends, you may want to adjust the length (number besides the less than signs) to suit your needs.
You need two pages, register.php and login.php
register.php

<?php
$_POST
['action'] = isSet($_POST['action']) ? $_POST['action'] : '';   
if(
$_POST['action'] == 'first')
{

   
$_POST['fname'] = trim(htmlspecialchars($_POST['fname']));
    if((empty(
$_POST['fname'])) || (strlen($_POST['fname'])< '2'))
    {
       
$err=1;
       
$the_errors .= \"<b>First name:</b> Must be more than 2 characters/digits long<br />\";        
    }

   
$_POST['lname'] = trim(htmlspecialchars($_POST['lname']));
    if((empty(
$_POST['lname'])) || (strlen($_POST['lname'])< '2'))
    {
       
$err=1;
       
$the_errors .= \"<b>Last name:</b> Must be more than 2 characters/digits long<br />\";        
    }

    
$_POST['email'] = trim($_POST['email']);
    if((strlen(
$_POST['email'])<5) || (empty($_POST['email'])))
    {
       
$err=1;
       
$the_errors .= \"<b>Email:</b> Please enter a valid email address.<br />\";
       
    }
    elseif(!eregi(\"^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+([\.][a-z0-9-]+)+$\",
$_POST['email']))
    {
       
$err = 1;
       
$the_errors .= \"<b>Email:</b> Please enter a valid email address.<br />\";
   
    }

   
$_POST['orga'] = trim(htmlspecialchars($_POST['orga']));
    if((empty(
$_POST['orga'])) || (strlen($_POST['orga'])< '2'))
    {
       
$err=1;
       
$the_errors .= \"<b>Organisation:</b> Must be more than 2 characters/digits long<br />\";        
    }

   
$_POST['addy'] = trim(htmlspecialchars($_POST['addy']));
    if((empty(
$_POST['addy'])) || (strlen($_POST['addy'])< '10'))
    {
       
$err=1;
       
$the_errors .= \"<b>Postal address:</b> Must be more than 10 characters/digits long<br />\";        
    }


   
$_POST['phnum'] = trim(htmlspecialchars($_POST['phnum']));
    if((empty(
$_POST['phnum'])) || (strlen($_POST['phnum'])< '8'))
    {
       
$err=1;
       
$the_errors .= \"<b>Phone Number:</b> Must be more than 8 digits long<br />\";        
    }

   
$_POST['mobnum'] = trim(htmlspecialchars($_POST['mobnum']));
    if((empty(
$_POST['mobnum'])) || (strlen($_POST['mobnum'])< '8'))
    {
       
$err=1;
       
$the_errors .= \"<b>Postal address:</b> Must be more than 8 characters/digits long<br />\";        
    }

    if(
$err == 0)
    {
   
    /*change User, Password and Database to what you set your database up with */
mysql_connect(\"localhost\",\"User\",\"Password\") or die (\" ERROR \");
mysql_select_db(\"Database\") or die (\" ERROR \");

    /* change database name to yoru database name */

$sql=\"INSERT INTO databasename (firstname, lastname, email, organisation, address, ph_number, mob_number)
    VALUES ('\". Addslashes(
$_POST[fname]).\"', '\". Addslashes($_POST[lname]).\"', '\". Addslashes($_POST[fname]).\"', '\".
Addslashes(
$_POST[email]).\"', '\". Addslashes($_POST[orga]).\"', '\". Addslashes($_POST[addy]).\"', '\". Addslashes($_POST[phnum]).\"', '\".
Addslashes(
$_POST[mobnum]).\"')\";
       
$res=mysql_query ($sql);
        if (
$res==0)
        {
           
$err=1;
             echo
$sql .\"<br />\";
        }

    }
}



if((
$_POST['action'] == '') || ($_POST['action'] == 'first' && $err))
{

<form name=\"registration\" action=\"register.php\" method=\"post\">
<input type=\"hidden\" name=\"action\" value=\"first\" />
First name <input tyep=\"text\" name=\"fname\" />
Last name <input type=\"text\" name=\"lname\" />
Email <input tyep=\"text\" name=\"email\" />
Organisation <input tyep=\"text\" name=\"orga\" />
Postal address <input tyep=\"text\" name=\"addy\" />
Phone number <input tyep=\"text\" name=\"phnum\" />
Mobile phone <input tyep=\"text\" name=\"mobnum\" />
<input type=\"submit\" value=\" Register Me \" />

}

if(
$_POST['action'] == 'first' && !$err)
{

<div class=\"title\">Your registration has been successful.</div>

<div align=\"center\">
<br />
Thank you for joining my site and becoming our newest member.<br /><br />
A confirmation email has been sent to: <em>=
$email</em><br /><br />

You can login <a href=\"login.php\">here at any time</a>.<br />
</div>

}
?>

login.php

<?php
   
if($_POST['dowhat'] == 'login')
    {
   
   
/*change User, Password and Database to what you set your database up with */
   
mysql_connect(\"localhost\",\"User\",\"Password\") or die (\" ERROR \");
mysql_select_db(\"Database\") or die (\" ERROR \");
   
       
$username = addslashes($_POST['username']);
       
$password = addslashes($_POST['password']);
    /* change database name to yoru database name */   
       
$query = \"select username,password from databasename where nick='\".$username.\"' AND password='\".$password.\"'\";
       
$res = mysql_query($query);

        if(mysql_num_rows(
$res) == 0)
        {
           
$err=1;
            echo \"Login incorrect\";
        //    exit;
        }
        /* change the index.php to the page you want them to see or attach the page here and remove the following line but leave the exit; */
    Header(\"Location: index.php\");
    exit;       
}

<form name=\"user_login\" action=\"login.php\" method=\"post\">
<input type=\"text\" name=\"username\" size=\"20\" maxlength=\"20\" />
<input type=\"password\" name=\"password\" size=\"20\" maxlength=\"20\" />
<input type=\"hidden\" name=\"dowhat\" value=\"login\" />
<input type=\"submit\" name=\"\" value=\"Login\" />
?>

Busy's picture

He has: 6,151 posts

Joined: May 2001

in the code there are a couple of comments (comments look like /* and */ there are in orange above)
they tell you which parts to change, they are your username, password and database names you used to set your database up with.
Also at end of login page you need to define another page or put the page you want them to see there.

Now this code is only basic, and there is a lot more you can do (like encrypt the password, count how many login attempts ....) but sadly time hasn't been on my side of late.
If you have a whole section where you will allow people to view after logging in you will need a cookie to keep track of the login so are not asked each time they login.

They have: 8 posts

Joined: Feb 2006

Hiya,

I really appreciate that. Thanks for taking the time to do it.

I'm going to be a bit busy myself over the next couple of days with work, so I'll sort it out as soon as I get chance to and I'll let you know what happens.

Thanks again,

Budgie.

Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.