Answer the question
In order to leave comments, you need to log in
Is there a ready-made solution for authorization on the page only with a password?
There is a small script (a self-written assembly of several ready-made classes) that displays pages from the database.
The output is based on GET requests of type index.php?do=layout&name=project
, where project is the value of the name field in the database.
Database structure:
There is a need to close some pages from prying eyes; for this, the pass field was created, where the password is entered.
I suppose to check it when accessing the page, if it does not match, redirect to the password entry form, but I still have little idea how to implement all this in the code.
Is there any out-of-the-box solution for a similar purpose?
Answer the question
In order to leave comments, you need to log in
I solved the problem on sessions and cookies by writing this class:
class PassAuth extends core {
private $project_id;
private $password;
private $is_authorized = false;
function __construct() {
$this->db_config = $this->getConfig('db_config');
$this->db = $this->getDb();
}
public static function validProjectPass()
{
if (!empty($_SESSION["project_id"])) {
return (bool) $_SESSION["project_id"];
}
return false;
}
public function checkPass($password, $remember=false)
{
$pass = $this->passwordHash($password);
$select = "SELECT name, pass FROM ?n WHERE pass = ?s";
$ret = $this->db->getOne($select, 'projects', $pass);
if (!$ret) {
$this->is_authorized = false;
} else {
$this->is_authorized = true;
$this->project_id = $ret['name'];
$this->saveSession($remember);
}
return $this->is_authorized;
}
public function saveSession($remember = false, $http_only = true, $days = 7)
{
$_SESSION["project_id"] = $this->project_id;
if ($remember) {
// Save session id in cookies
$sid = session_id();
$expire = time() + $days * 24 * 3600;
$domain = ""; // default domain
$secure = false;
$path = "/";
$cookie = setcookie('project_id', $sid, $expire, $path, $domain, $secure, $http_only);
}
}
public static function passwordHash($password, $iterations = 2)
{
$hash = md5(md5($password));
for ($i = 0; $i < $iterations; ++$i) {
$hash = md5(md5(sha1($hash)));
}
return $hash;
}
}
Well ... A very strange "Wishlist". Concatenate username and password into one "password".
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question