Set The HTTPS Username And Password Using Php/flash And Then Open The Secure Page.
My hosts allow secure https logins on specific directories. What I want to do is have a login screen in flash, if the user enters the correct username and password I would like to set the HTTPS username and password using php/flash and then open the secure page.
In my mind at this point they'll be logged in and then can navigate the secure page without seeing the browsers https login dialog. Am I kidding myself, or is this possible?
They're config is the following:
PHP Version 4.3.11
4.9-STABLE FreeBSD
Zend Engine v1.3.0
Apache/1.3.33 (Unix) PHP/4.3.11 mod_ssl/2.8.22 OpenSSL/0.9.7c
FrontPage/5.0.2.2635 mod_throttle/3.1.2
View Complete Forum Thread with Replies
Related Forum Messages:
Php (4.4) Configured To Open Secure URLs (https)?
I use apache, Php and MySql on my Windows XP machine at home. I have been doing so successfully now for a long time. However, I am now trying to use fopen to open secure URLs (https) and having no luck. I have installed openssl and enabled the extension (phpinfo says so, too). But still it does not work. I now realize that I need to have https and ftps as registered streams, i.e., Registered PHP Streams php, http, ftp, https, ftps, compress.zlib (from phpinfo at my hosting provider) When I run phpinfo on my version of Php (which I just downloaded from php.net) it says, Registered PHP Streams php, http, ftp, compress.zlib I've been reading forum posts saying to compile Php with "--with-openssl in your ./configure command." Well, I do not compile Php from source (don't even have a C compiler). I always download binaries (like php-4.4.0-Win32.zip that I downloaded today from php.net). How do I get a binary that was compiled with openssl in the configure command? Or if I am misunderstanding something here, what is is that I need to do?
View Replies !
Forcing Secure Page (https)
I am a novice at secure pages (just installed mod_ssl and open_ssl). The main question I have: If a page is "secure" (https://blah) and you don't want people to get there by typing http://blah, how to you stop that? I want users to login, but I want the login to be https://domain/login.php not http://domain/login.php. How do I stop someone from being able to access the login page insecurely?
View Replies !
How To Open Random Flash Page Using Hyperlink?
I'm new to using PHP so please bear with me. I'm trying to create a hyperlink that will open a random Flash page so that users will see a different flash module each time. Here is some of the code that I wrote but I'm not sure if it'll work since I'm not very good at coding. Oh yeah, I'm not using a database either. // random_menu.html <head> <?php $i = rand(0,3); ?> </head> <body> <a href = "www.x.com/random.php?i=$i">x</a> </body> --------------------------- // random.php <head> <?php $i = $_post["i"]; if ($i = = 0){ $value = "a"; } else if ($i = = 1){ $value = "b"; } ...etc. </head> <body> <object> <param name="movie" value="$value"> <embed src="$value"></embed> </object> </body> Please help if you know how to do this.
View Replies !
Trying To Create A Login Page Username Password...
i would like to control acces using username password login page, on my host they are using myphpadmin and i was able to create the DB but using dreamweaver i cant see the tables. Where to start, is there any tools that will facilitate this request, or am i doing something wrong with dreamweaver.
View Replies !
Query The Database At The Beginning Of Every Page And Make Sure The Password Matches The Username?
I've got a login page that accepts a username and password. The action script for the form on the login page encrypts the password and then queries a database to see if the username and password jive. If they do, the user is "logged in"; that is, a session is started (I'm using php 4) and the variables "username" and "password" are registered along with some other vars. In subsequent pages that require authentication, I include a file that looks like this: if( !($PHPSESSID && $username && $password) ) { // User has not been logged in...go to login page header("Location: ${basename}login.php"); exit;} Is that enough? Or do I need to query the database at the beginning of every page and make sure the password matches the username? I didn't do that to begin with because of the overhead involved.
View Replies !
Browser Based Ftp Login - HTML Page Where Users Type In A Username And Password
First let me say that I don't really know PHP at all. What I want to do is have an HTML page where users type in a username and password. After they click submit they are redirected to "ftp://username:password@domain.com" where they can download and upload files to their folder. Each username will have a folder in the directory that has the same name as the username. `So if "Mark" logs in, I want him to see the contents of the "Mark" folder where he can upload and download files. I don't want him to have access to anything else. As I know nothing, I did a lot of reading up and researching on how to do this (lots of great information on this site by the way) but the PHP code might still be way off. Here is the code I have so far: for the html login page: <html> <body> <form name="form" method="post" action="ftp.php"> Username: <input name="username" type="text" size="30"> Password: <input name="password" type="password" size="30"> <input type="Submit" size="8" value="Submit"></p> </form> </body> </html> the code for the ftp.php page is : <?php $ftp_server = 'domain.com' //domain being the future website domain $ftp_username =$_POST['username']; $ftp_password =$_POST['password']; $location = 'ftp://$ftp_username:$ftp_password@$ftp_server' header('Location: $location'); $ftp_connect_id = ftp_connect($ftp_server); $ftp_login = ftp_login($ftp_connect_id, $ftp_username, $ftp_password); if (! $ftp_connect_id || ! $ftp_login) { echo "Unable to connect to ".$ftp_server; exit; } else { echo "Connected to host "<p>"; } ftp_close($ftp_connect_id); ?> right now, when i check it, I log on the html page and go the the php page where all it says is "Connected to host." I don't see the "ftp://username:password@domain.com" that I want to see.
View Replies !
Open/read A Remote Https File?
How can I do this? cURL isn't available. I have tried Code: $filename = "https://friends.domain.com/file.aspx; $handle = fopen($filename, "r"); But $handle doesn't seems to exists Any suggestions??
View Replies !
Open A Https Url On A Special Port ? (asp/ajax Inside)
I'm trying to translate an asp application in a php way, i'm using Php 4.3.x. I'm going to try an asp newsgroup too, but as it mainly deals with Php, I would like to submit you my probem : I have to retrieve some XML datas from a server whose URL is built like that : https://myserver:4012/code/myapp?param1=3; I tried fopen, fsockopen with no result. So it's https, there is a port (4012 for example). Perhaps I forgot some particular https parameters with my fopen and fsockopen tries ? The original asp code is : --- Set myxml = Server.CreateObject("Msxml2.ServerXMLHTTP.4.0") ' Opens the connection to the remote server : xml.Open "GET", url, False --- Php methods didn't work so I tried the ajax way : if(window.XMLHttpRequest){ // Firefox, Safari, Opera... req = new XMLHttpRequest(); } else if(window.ActiveXObject) { // Internet Explorer 5+ req = new ActiveXObject("Microsoft.XMLHTTP"); } else { alert('Problem creating the XMLHttpRequest object'); return false; } return req; .... But i'm not sure the ActiveXObject is identical to the original : Set myxml = Server.CreateObject("Msxml2.ServerXMLHTTP.4.0")
View Replies !
Open A Picture In Flash
I'm building a photo database with php and mysql. After a search the result is displayed with thumbnails. When I click on a thumbnail the picture gets bigger. I need a way to protect the large pictures from beeing downloaded. One idea I have is to use flash to show the large picture. But how do I do that from php? Or is there better ways to protect the pictures?
View Replies !
Username And Password
I've got this 'helpdesk' application where people can simply fill out a form and send it off. Each time they have to type in their name, phone number and email address- then answer the questions that they're having problems with. I'd rather store that common non-variable info in a database and pull it out so that they don't have to type it in each time. Is this possible without issuing each individual their own username/password? Or would it be best to have each person log in one time and create their own accounts? Before I just had 3 or 4 general usernames/passwords that the organization members used. I'm trying to keep confusion down to a minimum here. Would it be feasible to have them log in with their last name and pull the information based on that- or there must be another way.
View Replies !
Set FTP Username And Password
My current scenario for this process is a follows: I create a new user and set up the directories with a script. One of the directories is for uploading files and I create an FTP username and password manually in my isp’s control panel. This locks down the directory when the user logins with an FTP client. I have been told that I should be able to set the FTP username and password from the script but despite lots of searching cannot find the answer.
View Replies !
Username, Password, And Hotmail?
I have a script that collects a username and password which doesn't seem to work if the user is a hotmail/msn frame. When they get a message on the system a notification is sent to them with a link to the site, and again, that link doesn't work as it should - unfortunately a lot of the users use hotmail. What's the problem? What do I need to do?
View Replies !
How Can I Get IMAP Username And Password?
the IMAP functions has been compiled into PHP on my server, and then each time access my page index.php from a web browser, I was asked enter username and password, is there any nice person tell me, how can I get IMAP username and password?
View Replies !
Setup Username And Password
Normaly only Administrator can setup username and password for new users. However, could you please tell me how a visitor can regist himselve a new username and password so that he can post new messages. So he only can read messages but if he wants to post new message, he has to input his username and his password. (For example, visitor can read message in this forum but if he want to post message he have to regist for an username and password) then he can post). How I can set up like that. I thought that cookies does not work in this case.
View Replies !
Session_register - Username And Password
I have this forum that I'm creating, and users login to. Ok, the user enters their username and password. If they get them wrong, an error message is displayed. Otherwise, this is what I want to do. I take this variable, $forum_sess. PHP Code:
View Replies !
Emailing Username And Password
I want to be able to look up a person username and password so that I can send there information to them by email. the code does get the email address and looks it up but the problem is getting the username and password to be retrived and to be displayed. The email is sent properly but for the username i get "Resource id #2" and password I get "Resource id #4" as output. The txtemail is sent by a form. PHP Code:
View Replies !
Set The FTP Username And Password From The Script
I create a new user and set up the directories with a script. One of the directories is for uploading files and I create an FTP username and password manually in my isp’s control panel. This locks down the directory when the user logins with an FTP client. I have been told that I should be able to set the FTP username and password from the script but despite lots of searching cannot find the answer.
View Replies !
Embeding Username And Password?
I have a live audio feed that I listen to off my friends website that is password and username protected. He gave me the user/pass and I asked him if I could post the link on my website so I can let others listen to the stream as well. He said that since its user/pass protected I would have to come up with a way to automatically username and password when the stream is started and he said if I can get it to work then he will let me use it. I asked if he can just remove the user/pass but he said there are other people who abuse the stream and thus he wont remove it. So my question is, is there a way I can embed this live audio feed along with the username and password in a PHP script so when people go to listen they are not promoted for a user and pass?? I really have no idea where to start with this thus Im asking on here!
View Replies !
Verify Username And Password
How do I use php script to check whether a persons username and password match thoes in a table. I have a table with all the details of users and a form which allows a user to type in their username and password. On the action of onsubmit how could i use php to check from the table that this name exists?
View Replies !
Mirroring Username And Password
I was wondering if someone could give me some guidance in mirroring 2 databases with their username and password. I have 2 databases that I would like to mirror with the username and password. Do i setup a script? cronjob?
View Replies !
Cannot Use Or Change Username Or Password
I bought a website written in PHP which uses mySQL. The site works fine, but the problem I am having is that I cannot access the admin area because the username and password do not work. The company I bought the site from has been trying to fix the problem for 3 days, but to no avail. I was wondering if any of you have an idea as to what the problem might be. They have tried to reset it, make a new one etc etc etc, but nothing works. Here's the code for the admin login.php file Code:
View Replies !
Username & Password Generator
can anyone help me with the coding of username & password? basically, I need to extract the first 2 letters of 3 strings passed and set it as username, then generate a random 4 digit password with PHP, I've tried that in java, but ot sure how to do that in PHP?
View Replies !
Username/password Verification
I´m trying to do a username/password verification, but it´s not working, even when the user/pass is correct, it will ask for the pass three times and then deny me the acces to the page, does somebody know what i´m doing wrong the passwords.txt has the following format: username|password and here´s the code:
View Replies !
Stroring Username And Password
How do i store database username and password outside the document root? I have found some info on doing this, but it explains that i should store the info within httpd.conf folder, but i dont seem to have access. Thanks i advance for any help, advice and suggestions given. Project completion date is this week, so extra,
View Replies !
Username + Password Check
Okay so I have a registered name and password - a hashed one - stored in the database table called member. First, when someone submit the form for a login, how do I match the name the person typed with the name in the database, case-insensitive and how to I check whether the 2 passwords match since one is hashed, which is the one in the database. BTW, for the forms, I'm using $_SESSION to store the $_POST values.
View Replies !
Username/Password Login
I wrote a script on localhost WAMP, that collects the HTML source (with file_get_contents($url) and regex) from my favorite sites and puts it all together (for my own personal use), so I don't have to manually visit each site to read all that I need to read. However, it does not work if the site has a username/password login form (html form, not Apache "basic authentication").
View Replies !
Redirect Browser With Username And Password
I want to redirect browser with username and password, but following code does not work header("Location: http://userassword@21.22.39.54/t.dat"); browser still pop up a window asking for username and password. is there anyone can help me out with that?
View Replies !
Script For Username & Password Verification
i have this code here to see if the users that come to my site and logon have the correct username & password. they are stored in the file ../extensions/l&p.txt (loginsandpasswords.txt). can it be simplified from what it is now? PHP Code:
View Replies !
I've Deleted Admin Username And Password,
I've deleted my admin username and password which was initially set at test. Now I can't log into my website as the administrator. How do I put Username and Password back so that I can set my own password and username again, log in to my website and edit it. Which file do I have to edit, and where do I re-set the Username and Password?
View Replies !
Securing Host Username Password
i am going through the process of password protecting a directory using ..htaccess and .htpasswd i am experiencing difficulty. so my question is without making life anymore difficult is if the webhost already has a password protected directory option is this secure enough? i dont need password protection at the directory level and at the file level do i? i want to protect the php_include files that will contain my $host $username $password. here is what i did only so you dont think i am totaly crazy. AuthUserFile /home/file_access/.htpasswd AuthName EnterPassword AuthType Basic require usernamegoeshere i put .htaccess in a directory like publichtmlfolder/php_include i put usernamegoeshere : encryptedstringgoeshere i must be missing some little step. i uploaded ascii. i just dont know. i am at a loss. note: it isnt even displaying the EnterPassword in the password dialog. It seems to be the password directory dialog for logging on to ipowerweb. The only thing i can say looks even partially right is when i type in mydomainname/php_include i am prompted with the password dialog.
View Replies !
How To Set Username/password Authentication For Webpage
i am trying to assign authentication for my web page by using the code <?php if ($PHP_AUTH_USER != “XXX” or $PHP_AUTH_PW != “XXX”): header("WWW-Authenticate: " . "Basic realm="Protected Page: " . "Enter your username and password " . "for access.""); header("HTTP/1.0 401 Unauthorized"); ?> <HTML> <HEAD><TITLE>Authorization Failed</TITLE></HEAD> <BODY> <H1>Authorization Failed</H1> <P>Without a valid username and password, access to this page cannot be granted. Please click ‘reload’ and enter a username and password when prompted. </P> </BODY> </HTML> <?php else : header("Location:http://localhost/"); endif; ?> By using this code it always ask me the username and password just i entered the correct details since it ask me for authentication. Any body tell me how to use it.
View Replies !
Making A Username And Password Without A Database
I have a flash movie that prompts the user with a username and password when the movie loads and on submit it sends the variables from flash to my login.php file. If they match then goto the next frame if not echo denied.. <?php session_start(); $username = $_POST['username']; $password = $_POST['password']; if($username == "1" && $password == "2") { echo "&msgText=Entrance Granted."; $_SESSION['approved'] = 'yes'; } else { echo "&msgText=Invalid Login!"; } ?> I have the username and password set to just 1 and 2 for now, but is their a way to make this more secure without using a database? I dont like how the username and password is visible.
View Replies !
How To Send Username/password To Htaccess?
I want to use htaccess for authentication on my php site since I only have a few users who need access to secure areas. So, I created a new directory off public_html (secretDocs) and in that directory there is a .htaccess file that looks like this: AuthType Basic AuthName "someuser" AuthUserFile "/home/mydirectory/.htpasswds/secretDocs/passwd" require valid-user If a user tries to go directly to the url - Code:
View Replies !
Send A User's Username And Password
Can somebody help me make a form that sends a user's username and password to their email when they forget using a code like this: mysql_select_db($database_connBlog, $connBlog); $sql="SELECT user_pass, user_email FROM user_tbl WHERE user_sname='".$user_sname."'"; $r = mysql_query($sql, $connBlog);and using a form like this: <form name="forgot" method="post" action="forgot.php"> <input name="sname" type="text" value="user_email" size="20"/><br /> <input type="submit" name="submit" value="submit"/> </form> I want the user to be able to input their email and when the submit button is pushed they recieve an email with their username and password.
View Replies !
Passing Username And Password Safely
I am running a PHP site where members login.... I have installed a phpBB integration... it created a members list exactly the same as my members on my site... when I load phpbb2 it asks the members to login again... is there a safe way to pass a username and password variable to the new PHP file?
View Replies !
Looking For Username Password Login Component
I'm developing a webapp that needs to track users and provide each user with a view of their own data. In other words, it goes beyond merely protecting certain areas of the site. The application needs to know WHO is logged in and show them their own blog, uploaded documents, reminders, etc. Code:
View Replies !
Secure ( Password Or SHA-1) Function
what is more secure( password or SHA-1) function??? or both of these will do a good job if protecting the password? I know one just disguises the password with a fingerprint which is not encrypted and the SHA-1 is encrypted.
View Replies !
Secure Password Exchange
What's the simplest method for some sort of password authentication system? If you do crypt() does that happen on the client machine or on the server? because if it happens on the server does it really have any use?
View Replies !
Sessions And Security - Username And Password Sent Unencrypted
had a few session questions based no reading the manual i understand some things but still a bit unclear: As I understand it, the only thing stored on client computer is the session ID unique to the visitor (specifically to the browser they are using). It is stored in a cookie or possibly could propagate through url if they have cookies turned off. But that is only info stored client-side. All other info stored in session is stored on server side (the session variables). 1. so when is SSL ever needed on server for secure signin/secure sessions? Like when they sign in, is the username and password sent unencrypted to server 1st so everyone on network can see that info if they have a packet sniffer? If this is true, then: I guess I NEED ssl for any sort of signin system since email info is private, and password info could give another person access to users info on my site. 2. if they already signed into a session... a. Whenever they goto a 'sessioned' page in the website, is the sessionID sent unencrypted to server 1st???, b. and then session variables sent back to browser unencrypted? If this is true, then: So theoretically someone can sniff sessionID over network, put it in a cookie on their filesystem, and login into the website with it (within the period that the session lasts on server which could be when user closes browser or longer if session.cookie_lifetime set longer than 0)?
View Replies !
Check Username And Password Against PHP/mysql And Htaccess..
Is there a way to simultaneously authenticate a user using (1) php session (checking against usernames and passwords in a mysql db), and (2) htaccess (with a ht password file). Here is why, if I have the following script and directory structure for a photo gallery script.. --Root directory --gallery.php --album directory --thumbnail.jpg --.htaccess ..I can use php session authentication to protect access to the gallery script so users cannot see the thumbnail.jpg that way; however, a user could still gain access to that thumbnail by directing visiting the /root/album/thumbnail.jpg address, therefore I have included the .htaccess to require a username/password there. This of course then requires a double login (once with a php form, and once with htaccess). Is there a way to unify these two authenitcation processes with a single form and php script?
View Replies !
Viewing Pages - Set Up A Username/password Scenario
I set up a username/password scenario and was able to get it to work and the add the header to the main.php page, which loaded if the user/pass is correct. But then I realised I can access any of the pages just by typing in the link directly. What do I need to add, so that if people link to the page they need to login first.
View Replies !
|
TRACKER
