- Codice: Seleziona tutto
#
<?php
#
#
###############################################################
#
# Page Password Protect 2.11
#
###############################################################
#
# Visit http://www.zubrag.com/scripts/ for updates
#
###############################################################
#
#
#
# Usage:
#
# Set usernames / passwords below between SETTINGS START and SETTINGS END.
#
# Open it in browser with "help" parameter to get the code
#
# to add to all files being protected.
#
# Example: password_protect.php?help
#
# Include protection string which it gave you into every file that needs to be protected
#
#
#
###############################################################
#
#
/*
#
-------------------------------------------------------------------
#
SAMPLE if you only want to request login and password on login form.
#
Each row represents different user.
#
#
$LOGIN_INFORMATION = array( //prima la psw e poi il nick
#
'aa' => 'dd',
#
'test' => 'testpass',
#
'admin' => 'passwd'
#
);
#
#
--------------------------------------------------------------------
#
SAMPLE if you only want to request only password on login form.
#
Note: only passwords are listed
#
#
$LOGIN_INFORMATION = array(
#
'root',
#
'testpass',
#
'passwd'
#
);
#
#
--------------------------------------------------------------------
#
*/
#
#
##################################################################
#
# SETTINGS START
#
##################################################################
#
//form action="password_only.php" method="post"
#
#
// Add login/password pairs below, like described above
#
// NOTE: all rows except last must have comma "," at the end of line
#
// Set a private page for login
#
$login=$_GET['pag'];
#
include($login);
#
/*
#
---------------------------------------------------------------------
#
*/
#
$LOGIN_INFORMATION = array(//prima il nick poi la password
#
'nome' => 'psw',
#
'
#
#
#
#
#
#
);
#
#
// request login? true - show login and password boxes, false - password box only
#
define('USE_USERNAME', true);
#
#
// time out after NN minutes of inactivity. Set to 0 to not timeout
#
define('TIMEOUT_MINUTES', 0);
#
#
// This parameter is only useful when TIMEOUT_MINUTES is not zero
#
// true - timeout time from last activity, false - timeout time from login
#
define('TIMEOUT_CHECK_ACTIVITY', true);
#
#
##################################################################
#
# SETTINGS END
#
##################################################################
#
#
#
///////////////////////////////////////////////////////
#
// do not change code below
#
///////////////////////////////////////////////////////
#
#
// show usage example
#
if(isset($_GET['help'])) {
#
die('Include following code into every page you would like to protect, at the very beginning (first line):<br><?php include("' . __FILE__ . '"); ?>');
#
}
#
#
// timeout in seconds
#
$timeout = (TIMEOUT_MINUTES == 0 ? 0 : time() + TIMEOUT_MINUTES * 60);
#
#
// logout?
#
if(isset($_GET['logout'])) {
#
setcookie("verify", '', $timeout, '/'); // clear password;
#
die("Logged out.");
#
}
#
#
if(!function_exists('showLoginPasswordProtect')) {
#
#
// show login form
#
function showLoginPasswordProtect($error_msg) {
#
?>
#
<center><html>
#
<head>
#
<title>Please enter password to access this page</title>
#
<META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
#
<META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">
#
</head>
#
<body>
#
<style>
#
input { border: 1px solid black; }
#
</style>
#
<form method="post">
#
<h3>Stai per entrare nell' area privata del sito per entrare occorre registrarsi</h3>
#
<font color="red"><?php echo $error_msg; ?></font><br />
#
<?php if (USE_USERNAME) echo 'Login:<br /><input type="input" name="access_login" /><br />Password:<br />'; ?>
#
<input type="password" name="access_password" /><p></p><input type="submit" name="Submit" value="Accedi" />
#
<br><br> <a href="http://jonni1995.altervista.org">Vai alla home</a><br><br>
#
<a href="http://jonni1995.altervista.org/dwq/registrazione.html">Registrati</a>
#
</form>
#
<br />
#
</body>
#
</html></center>
#
#
<?php
#
// stop at this point
#
die();
#
}
#
}
#
#
// user provided password
#
if (isset($_POST['access_password'])) {
#
#
$login = isset($_POST['access_login']) ? $_POST['access_login'] : '';
#
$pass = $_POST['access_password'];
#
if (!USE_USERNAME && !in_array($pass, $LOGIN_INFORMATION)
#
|| (USE_USERNAME && ( !array_key_exists($login, $LOGIN_INFORMATION) || $LOGIN_INFORMATION[$login] != $pass ) )
#
) {
#
showLoginPasswordProtect("Hai sbagliato qualcosa.");
#
}
#
else {
#
// set cookie if password was validated
#
setcookie("verify", md5($pass), $timeout, '/');
#
#
// Some programs (like Form1 Bilder) check $_POST array to see if parameters passed
#
// So need to clear password protector variables
#
unset($_POST['access_login']);
#
unset($_POST['access_password']);
#
unset($_POST['Submit']);
#
}
#
#
}
#
#
else {
#
#
// check if password cookie is set
#
if (!isset($_COOKIE['verify'])) {
#
showLoginPasswordProtect("");
#
}
#
#
// check if cookie is good
#
$found = false;
#
foreach($LOGIN_INFORMATION as $key=>$val) {
#
if ($_COOKIE['verify'] == md5($val)) {
#
$found = true;
#
// prolong timeout
#
if (TIMEOUT_CHECK_ACTIVITY) {
#
setcookie("verify", md5($val), $timeout, '/');
#
}
#
break;
#
}
#
}
#
if (!$found) {
#
showLoginPasswordProtect("");
#
}
#
#
}
#
#
?>