B&T's Tips & Scripts
How did you find this site?
  Search engine25 % 
  My webhost27 % 
  Another website29 % 
  Referral13 % 
  Other6 % 
The last vote was cast today
B&T's Tool Box
Password Generation
Length of Password
Include Numbers
Include Uppercase Letters
Include Lowercase Letters
Include Special Characters
Password Encryption for .htpasswd
Username
Password
Hex RGB Color Conversion
Hex #
RGB
Check HTTP status code
enter full url to be checked
Domain Name / IP Resolution
enter Domain Name or IP Address

B&T's Recommendations

Site5.com

Got (or getting) a Mac?

AppleChronicles.com

Helpful Links to Other Sites

PHP Documentation
Apache Server Documentation
MySQL Reference Manual
W3C Page Validation Tools
View your site in other browsers
American Registry for IP Numbers
Test Your Firewall
Test Your Connection Speed

B&T's Tips & Scripts is a collection of Tips & Scripts to help you build a better website.  The Tips & Scripts are targeted towards the native Apache PHP MySQL environment.  Check back frequently as there will be additions and modifications.  Please check our terms of use.
B&T's Tips & Scripts is a safe website.
No pop-up ads and no evil downloads.
Search Tips & Scripts
as current the latest index of this site
Tag Definitions Date - most recent update
- for advanced users
- topic rating
php5 - requires php5 or later
Have you had enough programming and website building for a while?
Need a break to clear your mind?
Go to PrettyWorthless.com, where you will find nothing of value.


   Using .htaccess  

  1. .htaccess Basics Mar 9, 2006
  2. Domain & subdomain pointing May 12, 2005
  3. Automatic subdomains Jun 17, 2007
  4. Undefined subdomains Jul 20, 2008
  5. Prevent direct access to a pointer or subdomain directory Aug 15, 2006
  6. Forcing or eliminating the WWW. Feb 9, 2005
  7. Fixing the trailing slash problem May 11, 2005
  8. Friendly URLs Mar 21, 2007
  9. Rewrites and https Dec 18, 2007
  10. Blocking traffic to your website Jan 2, 2005
  11. Anti-leech May 25, 2005
  12. Fancy default index page Jan 25, 2005


   Using .htaccess/.htpasswd Password Protection  

  1. Setting up password protection Feb 9, 2005
  2. Encrypt your password for .htpasswd Dec 21, 2007
  3. Auto Password Change and Email Notification Dec 21, 2007 php5
  4. Auto generate .htpasswd file Dec 18, 2007 php5
  5. Passing user authentication information to PHP Jun 13, 2004


   Coding Tips  

  1. HTML "One Liners" Nov 13, 2005
  2. PHP "One Liners" Apr 5, 2007
  3. JavaScript "One Liners" Aug 25, 2007
  4. CSS examples Sep 9, 2006
  5. SQL coding examples Aug 29, 2006
  6. AJAX example Sep 24, 2006


   Uploads and Downloads  

  1. File Upload Script Dec 20, 2007 php5
  2. Custom Download Page Dec 14, 2007 php5
  3. Tracking and Securing Downloads Dec 20, 2007 php5


   Mail  

  1. Form Mail Aug 19, 2007
  2. Obfuscate your email address Nov 12, 2006
  3. Read and auto-process mail Nov 12, 2004
  4. Auto-responder Dec 18, 2007 php5
  5. Display your email message count Jul 30, 2004
  6. Setting up SPF Records Jan 4, 2007
  7. Specify a return-path for generated mail Jul 18, 2006


   Working with Images  

  1. Watermark images Jul 14, 2007
  2. Resize images (create thumbnails) Jul 14, 2007


   Frequently Requested Website Functionality  

  1. Visitor Counter Dec 14, 2007 php5
  2. 404 Error Page (with reporting and logging) Dec 20, 2007 php5
  3. CAPTCHA Aug 19, 2006
  4. Poll (voting) Dec 17, 2007 php5   see it on this page
  5. Weather Jul 27, 2008 php5
  6. FAQ Page May 23, 2005
  7. Random/weighted banners, quotes & more Feb 9, 2005
  8. Load a random image (simple) Jan 20, 2004
  9. Image (banner) rotation Oct 15, 2007
  10. Simple "members only" pages May 13, 2005
  11. Replace banned words Apr 5, 2007
  12. Get the most recent file date Jan 30, 2006
  13. Moving (bouncing) Image Nov 10, 2005
  14. Sticky default values for an input Oct 22, 2006


   Using PHP  

  1. Creating a custom php.ini file Dec 18, 2007 php5
  2. Copying the php.ini file Dec 18, 2007 php5
  3. Deleteing php.ini files Dec 18, 2007 php5
  4. Clean up your PHP scripts Nov 11, 2005
  5. Regular Expression Rules Mar 22, 2006


   Website Managment  

  1. Tips for keeping your website secure Jan 24, 2006
  2. Using Cron Sep 13, 2005
  3. Website Monitoring Dec 19, 2007
  4. Automated Site Backups Dec 19, 2007
  5. Automated MySQL Backups Dec 19, 2007
  6. Server-to-server file transfer December 16, 2006
  7. MySQL Error Notification Dec 20, 2007
  8. Find File and Directory Sizes Dec 14, 2007 php5
  9. Deleting session files Aug 9, 2006
  10. FTP made easy Mar 1, 2006
  11. Search and Replace Dec 14, 2007 php5


   Other Tips  

  1. URL Validation Feb 8, 2008
  2. Stop direct links to web pages Jan 22, 2004
  3. Ensure your page is not opened in a frame May 5, 2005
  4. Masking your URL in the Address Bar Jul 20, 2004
  5. Ban or allow IP Addresses (without using .htaccess) Jan 19, 20008
  6. Using Cookies Sep 24, 2006
  7. View your website in different resolutions Jan 2, 2005
 

Back to Top     Print this Tip

Simple "members only" pages

By combining some of the Tips & Scripts on this page it is possible to make a simple "members only" section on your website.   When a user logs in they are automatically sent to their page, and can not get to anyone else's page.

Use the "setting up password protection" tip to set up a password protected directory.   Let's call that directory members.   Under that members directory have a subdirectory for each member.   For example members/joe and members/jane.

Then in that password protected directory members, use the "Passing user authentication information to PHP" to identify the user and route them to the directory with their name.   So you have a page members/index.php which would contain a script something like this:

You can download this script as a .txt file.  Remember to rename the file as a .php file.

- - Start Script Here - -
<?php
$directory $_SERVER['REMOTE_USER'];  // directory name is the user name
if (file_exists($directory)) {
  header("Location: " $directory "/");   // go to the user directory
} else {
  header("Location: http://yourdomain/error.htm");  // not found
}
?>
- - End Script Here - -

Then you need to secure each individual members subdirectory so no authenticated member can get to another member's subdirectory.   You can do this with another .htaccess file which you put in each member's subdirectory.   But there is no need for another identity verification.   Simply put these three lines in a .htaccess file in each member's subdirectory (this example being for joe):

RewriteEngine On
RewriteCond %{REMOTE_USER} !^joe
RewriteRule . http://yourdomain.com/error.htm [L]

In this example, if anyone other than joe tries to access anything in that subdirectory they will get the error page.

In summary:
  1. A member always goes to page domain.com/members.   If the member is not logged in they will get the login prompt and then be sent to their page.   If the member has already logged in, they will just be sent to their page.

  2. Using this method you must put each member name in the htpasswd file for authentication, use that name as a directory name, and put that name in the htaccess file for that directory.   So it is not maintenance free - but it is very secure, easy and "light weight".   Note that all this is case sensitive, Joe is not the same as joe.   The .htpasswd member name must match the dirctory name which must match the name used in the .htaccess for that directory.

Rate This Topic



 
You are visitor 446,265
Last week there were 4,264 visitors
Copyright ©2004-2008