http://ask.metafilter.com/29453/You-Sir-name-password/ Comments on Ask MetaFilter post You Sir, name password. Wed, 21 Dec 2005 15:02:15 -0800 Wed, 21 Dec 2005 15:02:15 -0800 en-us http://blogs.law.harvard.edu/tech/rss 60 http://ask.metafilter.com/29453/You-Sir-name-password WebSecurityFilter: I'm looking for a PHP or CGI script which would redirect a user to their password protected folder when they enter their username and password. <br /><br /> I am trying to build a single entry point for client access to resource files online. The idea is that I can pass out a single 'client access' URL where the client can enter their username and password which would be verified and then redirected to their folder on the server.<br> <br> The maintenance of this tool needs to be absurdly easy as I plan on handing off maintenance of this to a non-tech-savvy person ASAP. post:ask.metafilter.com,2005:site.29453 Wed, 21 Dec 2005 14:33:09 -0800 DragonBoy internet security scripts passwords PHP CGI http://ask.metafilter.com/29453/You-Sir-name-password#464578 This should be very very simple. What kind of security do you need on the login information? Are you using a database for user info, or just a flat file? Do lost passwords need to be recoverable? The most complex bit is the authentication system (which needn't be too complex); the redirect after a successful login will likely be a single line of code.<br> <br> If you just need a simple system that uses a text file with usernames and passwords, I could put something together for you in about a half hour. comment:ask.metafilter.com,2005:site.29453-464578 Wed, 21 Dec 2005 15:02:15 -0800 TonyRobots http://ask.metafilter.com/29453/You-Sir-name-password#464585 How is the folder protected? .htaccess? That may be an issue for redirection, depending on how your permissions system works. comment:ask.metafilter.com,2005:site.29453-464585 Wed, 21 Dec 2005 15:12:56 -0800 devilsbrigade http://ask.metafilter.com/29453/You-Sir-name-password#464637 You don't even need PHP (or any other scripting language). If you're using Apache as the webserver, you can use .htaccess to handle the authentication side. Take a look at <a href="http://www.javascriptkit.com/howto/htaccess3.shtml">this</a> tutorial for a quick and easy way of setting this up. All your "non-tech-savvy" person would have to do is is modify the .htpasswd file with user/password information. comment:ask.metafilter.com,2005:site.29453-464637 Wed, 21 Dec 2005 16:14:41 -0800 purephase http://ask.metafilter.com/29453/You-Sir-name-password#464710 <i>All your "non-tech-savvy" person would have to do is is modify the .htpasswd file with user/password information.</i><br> <br> Which would involve ftp, plain text editing and more ftp. Or SSH and command line. And still wouldn't handle the redirection. <br> <br> This might work though you may have to do some hacking to get the redirection working: <a href="http://evolt.org/node/60384">PHP login system with admin features</a>. comment:ask.metafilter.com,2005:site.29453-464710 Wed, 21 Dec 2005 16:58:58 -0800 blag