Simple PHP Page Protector

Posted on March 7, 2010 by papa_face

A couple of years ago I posted a way to protect a PHP page from access on the internet in an easy way.
I've spent around 15 minutes producing what I feel is a better version of the same script at the original post.
In order for it to work, you'll need a MD5 string, which you can get using the below box, just enter you password and then replace 6121904d3138741fb744fba85c276606 in the code, its quite self-explanatory.


<?php
session_start();
$_userpassword = "6121904d3138741fb744fba85c276606";
$_username = "pass";
/*DO NOT EDIT*/
if	($_POST[&apos;pageprotector&apos;])
	{
	if	(md5($_POST[&apos;pageprotectorpass&apos;]) == $_userpassword && $_POST[&apos;pageprotectoruser&apos;] == $_username)
		{
		$_SESSION[&apos;bG9nZ2VkaW4p=&apos;]=$_userpassword; $_SESSION[&apos;bG9nZ2VkaW4u=&apos;]=$_username; header(&apos;Location:&apos;.$_SERVER[&apos;PHP_SELF&apos;]);
		}
	else
		header(&apos;Location:&apos;.$_SERVER[&apos;PHP_SELF&apos;].&apos;?wrongpass=1&apos;);
	}
if	($_GET[&apos;pageprotectlogout&apos;] == "1")
	{
	unset($_SESSION[&apos;bG9nZ2VkaW4p=&apos;]);unset($_SESSION[&apos;bG9nZ2VkaW4u=&apos;]);header(&apos;Location:&apos;.$_SERVER[&apos;PHP_SELF&apos;]);
	}
if	($_SESSION[&apos;bG9nZ2VkaW4p=&apos;] != $_userpassword && $_SESSION[&apos;bG9nZ2VkaW4u=&apos;] != $_username)
	{
	if	($_GET[&apos;wrongpass&apos;] == "1") echo "Wrong password";?>
<form action="<?php echo $_SERVER[&apos;PHP_SELF&apos;]; ?>" method="post">
Username: <input name="pageprotectoruser" type="text" /> Password: <input name="pageprotectorpass" type="text" /><input name="pageprotector" type="submit" value="Login">
</form><?php
	exit;
	}
/*DO NOT EDIT ABOVE*/
?>
This entry was posted in Coding and tagged , , , , . Bookmark the permalink.

Leave a Reply