• 0

Need to create a way for users to login


Question

I'm a bit way over my head with this, haven't designed or coded webpages since 2002. I need a way for users to login using the website so they can download personal information such as W2 forms or timesheets. I am not sure if I would need to do this in .php or what. If anybody can give me some advice, I would appreciate it.

6 answers to this question

Recommended Posts

  • 0

You can use multiple types of code, php, asp, jsp etc.

 

Here's a simple php tutorial: http://www.phpeasystep.com/phptu/6.html

 

Make sure to secure your passwords with a hash, I recommend PBKDF2, bcrypt or scrypt if you want to be absolutely sure the password cannot be cracked even when your user database is stolen.

  • 0
  On 18/07/2014 at 02:41, HardSide said:

I should have been more clearer, I understand how to create a login, but I am not sure how to tie the login so the login can access certain files.

See step 4 that php code should be added to the pages which should only be available to users who are logged in.
  • 0

You might try something like this:

 

  1. Store the files you want to be only available to specific users in a web-inaccessible location (but one that PHP can read)
  2. Use something like this in a download script:
if ($loggedIn) {
        header("Content-type: application/msword");
        header("Content-disposition: attachment; filename=\"W2.doc\"");
        echo file_get_contents("/home/username/yoursite/JohnDoeW2.doc");
} else {
        echo "You are not authorized";
}

First, a conditional checks one of two possibilities: whether you're logged in or not. Then, it sets two headers. The first tells the browser it's going to receive a MS Word document, and the second tells it that it should download the file rather than show it in the browser. Here, you get to specify a name for the file that is different than the actual file itself (W2.doc). Then, you echo the contents of John Doe's W2 file (JohnDoeW2.doc). So if you go to the site and you're logged in, your browser will prompt you to download JohnDoeW2.doc - but it will be called W2.doc in the client. Hope that helps!

  • Like 2
  • 0
  On 24/07/2014 at 18:33, Moogey said:

You might try something like this:

 

  1. Store the files you want to be only available to specific users in a web-inaccessible location (but one that PHP can read)
  2. Use something like this in a download script:
if ($loggedIn) {
        header("Content-type: application/msword");
        header("Content-disposition: attachment; filename=\"W2.doc\"");
        echo file_get_contents("/home/username/yoursite/JohnDoeW2.doc");
} else {
        echo "You are not authorized";
}

First, a conditional checks one of two possibilities: whether you're logged in or not. Then, it sets two headers. The first tells the browser it's going to receive a MS Word document, and the second tells it that it should download the file rather than show it in the browser. Here, you get to specify a name for the file that is different than the actual file itself (W2.doc). Then, you echo the contents of John Doe's W2 file (JohnDoeW2.doc). So if you go to the site and you're logged in, your browser will prompt you to download JohnDoeW2.doc - but it will be called W2.doc in the client. Hope that helps!

Nice method for actually securing file download links!

  • 0
  On 24/07/2014 at 18:33, Moogey said:

You might try something like this:

 

  1. Store the files you want to be only available to specific users in a web-inaccessible location (but one that PHP can read)
  2. Use something like this in a download script:
if ($loggedIn) {
        header("Content-type: application/msword");
        header("Content-disposition: attachment; filename=\"W2.doc\"");
        echo file_get_contents("/home/username/yoursite/JohnDoeW2.doc");
} else {
        echo "You are not authorized";
}

First, a conditional checks one of two possibilities: whether you're logged in or not. Then, it sets two headers. The first tells the browser it's going to receive a MS Word document, and the second tells it that it should download the file rather than show it in the browser. Here, you get to specify a name for the file that is different than the actual file itself (W2.doc). Then, you echo the contents of John Doe's W2 file (JohnDoeW2.doc). So if you go to the site and you're logged in, your browser will prompt you to download JohnDoeW2.doc - but it will be called W2.doc in the client. Hope that helps!

nice little bit of code, though dont forget about the sessions! (if you need to know that as well) 

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • As it would on any other tech website whether it be Windows, Apple, etc. I wouldn’t expect it any other way.
    • Mozilla should shut down everything except the browser and the services they whitelabel (for example Firefox VPN from Mullvad). Everything else just cost them money and have never returned any revenue. Focusing in the browser is what makes sense considering what is going to change regarding their income sources. About Firefox and chromium... if they ever have to abandon Gecko because of financial issues it is more likely to use Apple's WebKit and not Chromium and Blink. WebKit is more versatile for Firefox because it will allow them even to keep Firefox's extension ecosystem. The same way GNOME Web which is a WebKit browser has experimental Firefox extension support.
    • I really dont like how they’ve put shadows under window elements making the sidebar and toolbar buttons look like they sit above the window itself. Looks very odd and clunky.
    • Rubbish. It's chock-full of ads and with manifest 3.0,the gloves are off. Google does not even pretend now. They want évil and want your data
    • Glary Utilities 6.27.0.31 by Razvan Serea Glary Utilities offers numerous powerful and easy-to-use system tools and utilities to fix, speed up, maintain and protect your PC. Glary Utilities allow you to clean common system junk files, as well as invalid registry entries and Internet traces. You can manage and delete browser add-ons, analyze disk space usage and find duplicate files. You can also view and manage installed shell extensions, encrypt your files from unauthorized access and use, split large files into smaller manageable files and then rejoin them. Furthermore, Glary Utilities includes the options to find, fix, or remove broken Windows shortcuts, manage the programs that start at Windows startup and uninstall software. All Glary Utilities tools can be accessed through an eye-pleasing and totally simplistic interface. Glary Utilities 6.27.0.31 changelog: Optimized Disk Cleaner: Optimized the scanning algorithm for Firefox to enhance user experience. Optimized Disk Cleaner: Added support for Nitro Pro 14. Optimized Tracks Eraser: Optimized the scanning algorithm for Firefox to enhance user experience. Optimized Tracks Eraser: Added support for Nitro Pro 14. Optimized Startup Manager: Optimized the review algorithm to enhance user experience. Optimized Uninstaller Manager: Optimized the scanning algorithm to enhance user experience. Minor GUI improvements. Minor bug fixes. Download: Glary Utilities 6.27.0.31 | 27.0 MB (Freeware) Download: Portable Glary Utilities | 32.3 MB View: Glary Utilities Homepage | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware
  • Recent Achievements

    • One Month Later
      Æhund earned a badge
      One Month Later
    • One Month Later
      CoolRaoul earned a badge
      One Month Later
    • First Post
      Kurotama earned a badge
      First Post
    • Collaborator
      Carltonbar earned a badge
      Collaborator
    • Explorer
      MusicLover2112 went up a rank
      Explorer
  • Popular Contributors

    1. 1
      +primortal
      508
    2. 2
      ATLien_0
      269
    3. 3
      +FloatingFatMan
      242
    4. 4
      +Edouard
      202
    5. 5
      snowy owl
      168
  • Tell a friend

    Love Neowin? Tell a friend!