This password mechanism will be effective providing that:
It assumes that access to the protected part of the web site is through an entry page, with a form containing a password prompt:
The normal route through the PHP script when called as above simply checks the given password against one contained within a list, and displays either the required entry web page of the protected part of the site, or reports that an invalid password has been given. The script allows for multiple passwords / entry web page combinations.
The basic form is coded as follows (without the styling):
<form id="myform" action="passwords.php" method="post"> Enter password: <input type="password", name="password", maxlength="12" /> <input type="submit", name="submit" value="submit" /> </form>
The password field must be called password, and the action attribute must contain the URL for the password.cgi script. If the password is valid the CGI script invokes one web page; if it is invalid it invokes a second.
The PHP script includes the following lines which determine valid password / URL combinations, which should be adjusted to meet your own requirements.
# Set up the password strings and associated URLs. Note that the elements of all # but the last of this hash list are separated by commas. $urlList = array ('xyzzy' => 'valid.html', 'abcdef' => 'valid.html', '123456' => 'valid.html' ); # Set up the invalid URL my $invalidurl = "invalid.html";
var invalidurl = "invalid.html";
Download compressed software (4.63 KB)