<?php

if (isset($_COOKIE['loguser'])) {
$givenusername = $_COOKIE['loguser'];
} else {
$givenusername = $_POST['txtUsername'];
}

if (isset($_COOKIE['logpass'])) {
$givenpassword = $_COOKIE['logpass'];
} else {
$givenpassword = $_POST['txtPassword'];
}
switch ($givenusername){
case "user1":
$password = "pass1";
break;
case "user2":
$password = "pass2";
break;
case "admin":
$password = "adminpass";
break;
default:
$password = "no";
$givenpassword = "yes";
break;
}

if ($givenpassword != $password) {

?>

<h1><font face="Arial">Please Login</font></h1>

<form name="form" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<p><label for="txtUsername">Username:</label>
<br />
<input type="text" title="Enter your Username" name="txtUsername" size="20" /></p>

<p><label for="txtpassword">Password:</label>
<br />
<input type="password" title="Enter your password" name="txtPassword" size="20" /></p>

<p><input type="submit" name="Submit" value="Login" /></p>

</form>
<?php

}
else {

setcookie ("loguser", $givenusername);
setcookie ("logpass", $givenpassword);

?>

//CONTENT YOU WANT TO PROTECT!!!

<?php

}

?>

Insert all the html / php code you want to protect where it says

//CONTENT YOU WANT TO PROTECT!!!

and then edit

case "user1":
$password = "pass1";
break;

all in the script above to what you want the users and passwords to be.

Nice Script it's good

I think that it would probably be better to use sessions and session vars instead of cookies, but it will still work

and/or you could use HTTP authentication in PHP (http://www.php.net/features.http-auth) instead of a login in the html
but better yet, you could use .htaccess and .htpasswd
AuthUserFile /path/to/safedir/.htpasswd
AuthGroupFile /dev/null
AuthName SomeRealm
AuthType Basic

require valid-user
and in the .htpasswd file:
user1:pass
user2:passetc.

Sorry if I'm wrong DanielXP, but.. can't you just bypass the password with a simple javascript injection that will just change the cookie to whatever username and password you want? Meaning the protected content won't be protected anymore.
Once again, I'm probably wrong.

Toshka..

I've had a problem with using cookies and MySQL... so I'll try the .htaccess and .htpsswrd files that meep posted...

Hey bro!
Thanks for the script!
What's better tho?? Like protecting directories through cpanel or using a script like that?

I think cPanel uses .htaccess (it uses .htaccess for redirects), but I'm not sure. I will check it out later.

You can also do basic http authentication with php, but since syxe has php running as cgi and not as a module, it will require a little hack.

HTTP authentication with PHP: http://www.php.net/manual/en/features.http-auth.php.
and the 'hack' can be found in the comments here (http://www.php.net/manual/en/features.http-auth.php#68464).

Thanks for the script u share. :)

thats cool

what is the best way for password protection

Personaly i would use a directory password.

If i was doing a user system i wouldn't.

When RMB is back theres a tutorial for a MYSQL + PHP tutorial system on there

well i'm working out a mysql + php login system, with access flags (eg admin and user, so you can restrict features :p) just experiencing some troubles with the installer, before i begin on the acp :p

yeh wat is the best way for password protection :S

as far as i know the most secure way is to use mysql (but i dont know much about it lol)

Nice script although you could encrypt the password in the register script kind of thing.
Dont blame you if u dont get me :P lol

Encryting would be good but then every time you make a new user you will have to make a new script to encryt there password.

Theres no register script for this tutorial.

For a PHP + MySQL UserSystem visit the tutorial on my site at,

http://rmb-scripting.com/tutorials.php?tutorial&tid=58

<?php

if (isset($_COOKIE['loguser'])) {
$givenusername = $_COOKIE['loguser'];
} else {
$givenusername = $_POST['txtUsername'];
}

if (isset($_COOKIE['logpass'])) {
$givenpassword = $_COOKIE['logpass'];
} else {
$givenpassword = $_POST['txtPassword'];
}
switch ($givenusername){
case "user1":
$password = "pass1";
break;
case "user2":
$password = "pass2";
break;
case "admin":
$password = "adminpass";
break;
default:
$password = "no";
$givenpassword = "yes";
break;
}

if ($givenpassword != $password) {

?>

<h1><font face="Arial">Please Login</font></h1>

<form name="form" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<p><label for="txtUsername">Username:</label>
<br />
<input type="text" title="Enter your Username" name="txtUsername" size="20" /></p>

<p><label for="txtpassword">Password:</label>
<br />
<input type="password" title="Enter your password" name="txtPassword" size="20" /></p>

<p><input type="submit" name="Submit" value="Login" /></p>

</form>
<?php

}
else {

setcookie ("loguser", $givenusername);
setcookie ("logpass", $givenpassword);

?>

//CONTENT YOU WANT TO PROTECT!!!

<?php

}

?>

Insert all the html / php code you want to protect where it says

//CONTENT YOU WANT TO PROTECT!!!

and then edit

case "user1":
$password = "pass1";
break;

all in the script above to what you want the users and passwords to be.

In your Cpanel can you find a link, where you also can do this!

thanks for the tut

thans for the script...hope it work well for me