<?
if(isset($page)){
if($page == "1"){
include('admin.php');
echo "page 1!<br>\nThis page required the admin pass entered<p>\n<a href=\"javascript:history.go(-1);\">go back</a>";
}elseif($page == "2"){
echo "page 2!<p>\n<a href=\"javascript:history.go(-1);\">go back</a>";
}
}else{
include('admin.php');
echo "Just a test document for the admin script!<br>\n(you can see this if you get the username/password right)<p>\n<a href=\"$PHP_SELF?page=1\">page1</a> | <a href=\"$PHP_SELF?page=2\">page2</a>\n\n";
}
?>
This works all fine, and the pages with admin.php included need the user & pass entered. But when u go from "test.php?page=" to "test.php?page=1" the password needs to be entered again... i want to know how i can make it so i dont need to enter the password twice.
Will cookies be secure? -could i make an expiring cookie for the user & pass
I dont want to put the user & pass in the URL coz its shared
Question
mikey
this is test.php:
<? if(isset($page)){ if($page == "1"){ include('admin.php'); echo "page 1!<br>\nThis page required the admin pass entered<p>\n<a href=\"javascript:history.go(-1);\">go back</a>"; }elseif($page == "2"){ echo "page 2!<p>\n<a href=\"javascript:history.go(-1);\">go back</a>"; } }else{ include('admin.php'); echo "Just a test document for the admin script!<br>\n(you can see this if you get the username/password right)<p>\n<a href=\"$PHP_SELF?page=1\">page1</a> | <a href=\"$PHP_SELF?page=2\">page2</a>\n\n"; } ?>This is admin.php:
<? $set_username = "test"; $set_password = "test"; if(!isset($username)){ $username = $set_username; } if(!isset($password)){ $password = $set_password; } if((isset($user)) && (isset($pass))){ if(($user != $username) || ($pass != $password)){ echo "<font size=5>401 - Access Denied</font><p>\n"; echo "Invalid usename/password combination, please <a href=\"javascript:history.go(-1);\">try again</a>."; exit; } }else{ echo "<p align=center><font size=5><b>Authorisation Required</b></font></p>\n\n"; echo "<p align=\"center\">\n"; echo "<form name=\"authentication\" method=\"post\" action=\"$PHP_SELF\">\n"; echo "<table>\n"; echo "\t<tr>\n"; echo "\t\t<td><div align=\"right\">Username:</div></td>\n"; echo "\t\t<td><div align=\"left\">\n"; echo "\t\t<input type=\"text\" name=\"user\" value=\"$user\">\n"; echo "\t\t</div></td>\n"; echo "\t</tr>\n"; echo "\t<tr>\n"; echo "\t\t<td><div align=\"right\">Password:</div></td>\n"; echo "\t\t<td><div align=\"left\">\n"; echo "\t\t<input type=\"password\" name=\"pass\" value\"$pass\">\n"; echo "\t\t</div></td>\n"; echo "\t</tr>\n"; echo "\t<tr>\n"; echo "\t\t<td colspan=\"2\"><div align=\"center\">\n"; echo "\t\t<input type=\"submit\" name=\"Submit\" value=\"Submit\">\n"; echo "\t\t</div></td>\n"; echo "\t</tr>\n"; echo "</table>\n"; echo "</form>\n"; echo "</p>\n\n"; exit; } ?>This works all fine, and the pages with admin.php included need the user & pass entered. But when u go from "test.php?page=" to "test.php?page=1" the password needs to be entered again... i want to know how i can make it so i dont need to enter the password twice.
Will cookies be secure? -could i make an expiring cookie for the user & pass
I dont want to put the user & pass in the URL coz its shared
Link to comment
Share on other sites
1 answer to this question
Recommended Posts