NamePros
Welcome, Guest! Ready to make a name for yourself in the domain business? We welcome both the hobbyist and professional domainer to join the discussion as part of the NamePros community.

Click here to create your profile to start earning reputation for posting, and trader ratings for buying & selling in our free e-marketplace. Build your trader rating with each successful sale. Our system has tracked over 100,000 sales and counting!
FAQ & TOS Register Search Today's Posts Mark Forums Read

Go Back   NamePros.com > Website Development Discussion Forums > Programming
Reload this Page [resolved] How to limit access to admin file?

Programming PHP, Perl, Ruby on Rails, AJAX, HTML, XHTML, CSS, JavaScript, MySQL and any other coding topics.

Advanced Search


Closed Thread
 
LinkBack Thread Tools
Old 09-01-2007, 04:58 PM THREAD STARTER               #1 (permalink)
Senior Member
 
ApeXX's Avatar
Join Date: Mar 2005
Location: Massachusetts
Posts: 1,999
ApeXX is a glorious beacon of lightApeXX is a glorious beacon of lightApeXX is a glorious beacon of lightApeXX is a glorious beacon of lightApeXX is a glorious beacon of lightApeXX is a glorious beacon of lightApeXX is a glorious beacon of lightApeXX is a glorious beacon of light
 



How to limit access to admin file?


I'm looking for some sort of code, script or technique, that limits complete access to my admin.php file without a password.

The admin.php file is the backend to one of my sites and does have a secure login before allowing access to website controls, however I would like to add another security measure.

Basically I'm looking for something like cPanel's directory password lock, except for a single file so that it cannot be read, open, or run without a password.

+Rep for all who assist me!
__________________
FREE Xbox Live Gold codes added daily!
ApeXX is offline  
Old 09-01-2007, 08:45 PM   #2 (permalink)
Senior Member
 
scribby's Avatar
Join Date: May 2005
Location: Australia
Posts: 1,197
scribby is a glorious beacon of lightscribby is a glorious beacon of lightscribby is a glorious beacon of lightscribby is a glorious beacon of lightscribby is a glorious beacon of lightscribby is a glorious beacon of lightscribby is a glorious beacon of lightscribby is a glorious beacon of light
 




PHP Code:
<?

$password 
md5("yourpassword");

if (
$_POST['pass']) {
????: NamePros.com http://www.namepros.com/programming/369107-resolved-how-limit-access-admin-file.html
$pass md5($_POST['pass']);
setcookie("password"$passtime()+3600);
}

if (
$_COOKIE["password"]) {
if (
$_COOKIE["password"] !== $password) { exit; }
} else {
echo 
"
<form method=\"POST\" action=\"admin.php\">
<input type=\"text\" name=\"pass\" size=\"20\">
<input type=\"submit\" value=\"Submit\">
</form>
"
;
}

?>
scribby is offline  
Old 09-02-2007, 07:04 AM THREAD STARTER               #3 (permalink)
Senior Member
 
ApeXX's Avatar
Join Date: Mar 2005
Location: Massachusetts
Posts: 1,999
ApeXX is a glorious beacon of lightApeXX is a glorious beacon of lightApeXX is a glorious beacon of lightApeXX is a glorious beacon of lightApeXX is a glorious beacon of lightApeXX is a glorious beacon of lightApeXX is a glorious beacon of lightApeXX is a glorious beacon of light
 



I just realized the admin page is encoded with Ioncube... Will the above code still work inserted in an Ioncube encoded page?
__________________
FREE Xbox Live Gold codes added daily!
ApeXX is offline  
Old 09-02-2007, 07:23 AM   #4 (permalink)
Domains my Dominion
 
sdsinc's Avatar
Join Date: Aug 2005
Location: Web 1.0
Posts: 9,557
sdsinc Has achieved greatnesssdsinc Has achieved greatnesssdsinc Has achieved greatnesssdsinc Has achieved greatnesssdsinc Has achieved greatnesssdsinc Has achieved greatnesssdsinc Has achieved greatnesssdsinc Has achieved greatnesssdsinc Has achieved greatnesssdsinc Has achieved greatnesssdsinc Has achieved greatness
 


Third World Education Find Marrow Donors! Find Marrow Donors! Find Marrow Donors! Find Marrow Donors! Animal Rescue Animal Cruelty AIDS/HIV Animal Rescue Wildlife Breast Cancer Animal Rescue Wildlife
You can use HTTP authentication with .htaccess file to protect one single file
Check this tutorial:
http://www.wise-women.org/tutorials/htaccess/
Scroll to the bottom for details on the <Files> directive
__________________
NameNewsletter.com - free lists of available domain names
ZoneFiles.net (beta) - ccTLD and gTLD droplists
sdsinc is online now  
Old 09-02-2007, 12:33 PM THREAD STARTER               #5 (permalink)
Senior Member
 
ApeXX's Avatar
Join Date: Mar 2005
Location: Massachusetts
Posts: 1,999
ApeXX is a glorious beacon of lightApeXX is a glorious beacon of lightApeXX is a glorious beacon of lightApeXX is a glorious beacon of lightApeXX is a glorious beacon of lightApeXX is a glorious beacon of lightApeXX is a glorious beacon of lightApeXX is a glorious beacon of light
 



Originally Posted by sdsinc
You can use HTTP authentication with .htaccess file to protect one single file
Check this tutorial:
http://www.wise-women.org/tutorials/htaccess/
Scroll to the bottom for details on the <Files> directive
Thanks, that worked great!
__________________
FREE Xbox Live Gold codes added daily!
ApeXX is offline  
Closed Thread


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


Liquid Web Smart Servers  
All times are GMT -7. The time now is 07:14 AM.

Managed Web Hosting by Liquid Web
Domain name forum recommended by Domaining.com Powered by: vBulletin® Copyright ©2000 - 2012, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.6.0 Ad Management plugin by RedTyger