PDA

View Full Version : Password protect one page not the whole site?



sgoree
01-13-2010, 01:30 AM
domain name is hillcresthuntingclubinc.com

I want to lock our members only page but not the rest of the site. I read and understand how to protect the site but not just one page. I probably overlooked it! Can anyone point me in the right direction?

navaldesign
01-13-2010, 07:10 AM
You need to use the new Login system in BV. Have a look at BV’s new built in Login system – a brief tutorial. (http://www.vodahost.com/vodatalk/bluevoda-general-issues/55281-bv-s-new-built-login-system-brief-tutorial.html)

sgoree
01-16-2010, 03:25 AM
I have just have had time to look over the info you suggested. It looks like to me I will not have to do all of the steps since I only want to lock one page. If this is true, then I think it should not be too difficult. Thanks for the help... I will let you know how it turns out.

sgoree
01-17-2010, 03:12 AM
OK... I tried just password protecting one page without all of the other steps- that did not work. SO, I have worked on this following the tutorial by the letter for the last 2.5 hrs. I am still having issues.

I set the AdminAcctActivation to True. I do not want just anyone to have an account. Where do I go to approve the account?
I created the admin page but when I bring up that page, it does not show any info (I created 2 different users thru the site) and it does not ask me to log in?
When I created a login and actually logged in, it did not take me anywhere. I have double checked that I specified the success page as our 'Members Only' page.
I am frustrated at this point. Can you please look at this mess I have created and tell me if I am even close?

Thanks in advance.

navaldesign
01-17-2010, 07:41 AM
If you want to password protect one (or more) page(s) with ONLY one password, you actually don't need to use the script.
Just Drag and Drop the SIngle Page Protect object in your page. Double click it, set the desired password and that's all. The page MUST be .php

Regarding your questions: to manage your users you need to go (online) to your administration page, in example in http://www.yourdomain.com/admin.php or whatever else you have named it.

When you do, it will display (after you login) a list of the users and a link to edit / delete each user, as well as a link to create new user etc.

In your case, this doesn't seem to work, so probably you have done something wrong.

Did you set (whilst publishing) Publish All Files ? If not, the necessary auxiliary files are not uploaded so it will not work.

Did you create the database file ?

I'm afraid that there is no way I can have a look without a link. But even with a link, since these are php pages, there is no way I can see your code and settings, to see what is wrong.

sgoree
01-18-2010, 02:03 AM
This has been the most difficult part of this project :)

OK, I went back and tried to use the protect one page. I made sure I had 'publish all'. The link takes me to the password request and when I input the password that I set, instead of getting the Members Only page I get the following error:
_________________________________________________
Not Found

The requested URL /index was not found on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
Apache/2.2.13 (Unix) mod_ssl/2.2.13 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at www.hillcresthuntingclubinc.com Port 80
__________________________________________________

This is why I thought I had to go through the other steps. As for the link to my admin page it would be:
http://www.hillcresthuntingclubinc.com/loginadmin.php

When I decieded to go all the way with the login script, I followed the tutorial to the letter. As I went through it, I created each piece. In the first steps, it said to create and name a 'strange'db.php. I did that and was very careful to note the name of it in each piece. (not to say that I am above a mistake!)

I currently have 9 pages that are published just for this script:

accessdenied
changepass
changepass_confirm
forgotpass
login
loginadmin
resetconfirm
signup
signup_confirm

navaldesign
01-18-2010, 07:49 AM
The message you receive from the single protect indicates that the script tries to redirect to the page "index" which is entirely wrong, as the page should redirect to itself. So probably you have somehow inserted other redirecting code. If you wish copy / paste here the page code (or post it on your site) TAKEN FROM THE SERVER (not from BV)

Regarding the full script: rename your page from "loginadmin" to "admin" as the php script that is automatically uploaded has this name by default so most probably the two conflict. Publish the new page and test.

sgoree
01-20-2010, 02:24 AM
I hope this is what you requested - I did not have time to try the change on the admin page, but I will tomorrow.
__________________________________________________ ____________

<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
session_start();
unset($_SESSION['username']);
header('Location: http://www.hillcresthuntingclubinc.com/index');
exit;
}
?>
<?php
session_start();
$password = '';
if($_SERVER['REQUEST_METHOD'] == 'POST')
{
$password = isset($_POST['password']) ? $_POST['password'] : '';
if ($password == 'icecream2010')
{
$_SESSION['password'] = $password;
}
}
else
{
$password = isset($_SESSION['password']) ? $_SESSION['password'] : '';
}
if ($password != 'icecream2010')
{
echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">\n";
echo "<html>\n";
echo "<head>\n";
echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=ISO-8859-1\">\n";
echo "<title>Members Only</title>\n";
echo "</head>\n";
echo "<body>\n";
echo "<center>\n";
echo "<br>\n";
if($_SERVER['REQUEST_METHOD'] == 'POST')
echo "<span style=\"font-size:11px;font-family:Verdana;font-weight:normal;text-decoration:none;color:#FF0000\">The specified password is invalid!<br><br><br></span>\n";
else
echo "<span style=\"font-size:11px;font-family:Verdana;font-weight:normal;text-decoration:none;color:#535353\">This page is password protected.<br><br><br></span>\n";
echo "<form method=\"post\" action=\"".basename(__FILE__)."\">\n";
echo " <table cellspacing=\"0\" cellpadding=\"3\" border=\"0\" bgcolor=\"#FFFFFF\" style=\"border:1px solid #535353;\">\n";
echo " <tr>\n";
echo " <td colspan=\"2\" bgcolor=\"#535353\" style=\"text-align:center;padding:4px;font-size:11px;font-family:Verdana;font-weight:normal;text-decoration:none;color:#FFFFFF\"><b>Login</b></td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td style=\"font-size:11px;font-family:Verdana;font-weight:normal;text-decoration:none;color:#535353\" align=\"right\" width=\"30%\" height=\"60\">Password:</td>\n";
echo " <td style=\"font-size:11px;font-family:Verdana;font-weight:normal;text-decoration:none;color:#535353\" align=\"left\" width=\"70%\" height=\"60\"><input type=\"password\" name=\"password\" value=\"\" style=\"border:1px solid #535353;width:120px;\">&nbsp;&nbsp;<input type=\"submit\" value=\"Login\"></td>\n";
echo " </tr>\n";
echo " </table>\n";
echo "</form>\n";
echo "</center>\n";
echo "</body>\n";
echo "</html>\n";
exit;
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Members Only</title>
<meta name="GENERATOR" content="Created by BlueVoda">
<style type="text/css">
div#container
{
width: 994px;
position: relative;
margin-top: 0px;
margin-left: auto;
margin-right: auto;
text-align: left;
}
body
{
text-align: center;
margin: 0;
}
</style>
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<script language="JavaScript" type="text/javascript">
<!--
function popupwnd(url, toolbar, menubar, locationbar, resize, scrollbars, statusbar, left, top, width, height)
{
var popupwindow = this.open(url, '', 'toolbar=' + toolbar + ',menubar=' + menubar + ',location=' + locationbar + ',scrollbars=' + scrollbars + ',resizable=' + resize + ',status=' + statusbar + ',left=' + left + ',top=' + top + ',width=' + width + ',height=' + height);
}
//-->
</script>
<style type="text/css">
img { behavior: url("pngfix.***"); }
</style>
</head>
<body background="membersonly_bkgrnd.png" bgcolor="#524326" text="#000000">
<div id="container">
<div id="bv_Image1" style="overflow:hidden;position:absolute;left:2px;top:1px ;z-index:0" align="left">
<img src="images/bv01144.png" id="Image1" alt="" align="top" border="0" style="width:987px;height:424px;"></div>
<img src="images/bv01145.png" align="top" alt="" border="0" width="450" height="89" style="position:absolute;left:11px;top:7px;width:450px;he ight:89px;z-index:1">
<div id="bv_Text1" style="position:absolute;left:352px;top:74px;width:98px;h eight:16px;z-index:2;" align="right">
<font style="font-size:13px" color="#000000" face="Arial">Est. 1974</font></div>
<div id="bv_Logout1" style="position:absolute;left:835px;top:324px;width:150px ;height:26px;z-index:3;" align="left">
<form name="logoutform" method="post" action="<?php echo basename(__FILE__); ?>" id="logoutform">
<input type="submit" name="logout"value="Logout" id="logout" style="color:#FFFFFF;background-color:#87765C;border-color:#000000;border-width:2px;border-style:solid;font-family:Cataneo BT;font-size:21px;width:150px;height:26px;" />
</form>
</div>
<div id="bv_Shape1" style="position:absolute;left:682px;top:324px;width:150px ;height:26px;z-index:4;" align="center">
<a href="./changepass.php"><img src="images/bv01491.gif" id="Shape1" align="top" alt="" title="" border="0" width="150" height="26"></a></div>
<div id="bv_Shape2" style="position:absolute;left:530px;top:324px;width:150px ;height:26px;z-index:5;" align="center">
<a href="http://www.hillcresthuntingclubinc.com/index"><img src="images/bv01492.gif" id="Shape2" align="top" alt="" title="" border="0" width="150" height="26"></a></div>
<div id="bv_Text2" style="position:absolute;left:8px;top:355px;width:972px;h eight:56px;background-color:#FFFFFF;z-index:6;" align="center">
<font style="font-size:21px" color="#000000" face="Cataneo BT">The Hillcrest Member Roster serves as a communication tool for you.&nbsp; If you find that your information is incorrect, please <a href="javascript:popupwnd('mailto:updates@hillcresthunti ngclubinc.com','no','no','no','no','no','no','','' ,'','')" target="_self">update</a> it now.</font></div>
</div>
</body>
</html>

sgoree
01-23-2010, 01:12 AM
I tried the script fix you suggested and it worked! We are up and running! You are the best. Thanks a million.

navaldesign
01-23-2010, 07:12 AM
In the page with the "Single Page Protect" you have this code, at the very start of the page:

<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
session_start();
unset($_SESSION['username']);
header('Location: http://www.hillcresthuntingclubinc.com/index');
exit;
}
?>


This redirects to the (non existing) page "index" (no extension.

What do you have this for ?

sgoree
01-26-2010, 03:10 AM
honestly I don't know... I did not write that into the script. All I did was drop the single page protect into the page and set the password. I am not sure what I did to make it redirect.

navaldesign
01-27-2010, 09:44 AM
This is the logout code added by the Logout object. Probably you have by mistake added this to your page also.