安全的网页使用PHP / htaccess的? [英] Secure pages with PHP/.htaccess?
问题描述
www.example.com/index.html
在我的网站是一个页面,要求输入密码,输入的时候,贯穿 WWW .example.com的/的login.php
。
www.example.com/index.html
on my website is a page that asks for a password, and when entered, runs through www.example.com/login.php
.
<?php
if (isset($_POST['pw']) && ($_POST['pw'] == "mypassword"))
{
// Location after Logged in
header('Location: http://example.com/kareha/index.html');
}
else
{
// If not Logged in
header('Location: http://example.com/index.html');
}
?>
然后被重定向到 www.example.com/kareha /
。
现在的问题是,任何人都可以直接输入,并直接导航到 www.example.com/kareha /
。
The problem is, anyone can just type in and directly navigate to www.example.com/kareha/
.
有没有什么办法可以保护这个索引文件(或在网站上任何其他地方),所以任何人都不能登录被重定向到主登录页面谁?
Is there any way I can protect this index file (or anywhere else on the site) so anyone who isn't logged in is redirected to the main login page?
此外,它会帮助,如果它是通过的.htaccess
保护? ( /kareha/index.html
根据模板,每次我摆弄它打破自动更新)
Also, would it help if it was protected through .htaccess
? (/kareha/index.html
is automatically updated according to a template, which has broken every time I mess around with it)
编辑:也许一些沿启动会话 /login.php
,然后为行的.htaccess
在本届会议的 / kareha /
文件夹检查?
Maybe something along the lines of starting a session with /login.php
and then having .htaccess
in the /kareha/
folder check for the session?
推荐答案
您需要使用会话或htpasswd的。要使用会话,改变你的HTML文件到PHP
you need to use sessions or .htpasswd. To use sessions, change your html files to php
这里是你的登录脚本
<?php
session_start();
// see if the form has been posted
if($_SERVER['REQUEST_METHOD'] == 'POST') {
// check for the password
if($_POST['pw'] == "mypassword") {
// set a session
$_SESSION['loggedin'] = true;
// redirect to kareha/
header('Location: http://example.com/kareha/index.php');
}
} else {
header('Location: http://example.com/index.html');
}
// put HTML and login form here...
的kareha / index.php的最顶部
<?php
session_start();
if(!isset($_SESSION['loggedin'])) {
// redirect to login page
header('Location: http://example.com/index.html');
}
// put rest of page here
您可以读到这里会: http://www.php.net /manual/en/book.session.php
编辑:我看错了原来的问题。修...
I misread the original question. Revised...
这篇关于安全的网页使用PHP / htaccess的?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!