You run a website that is simple enough it doesn't require a database. But your site features certain pages to which you'd like to limit access. Most of the time, that implies using a database to store passwords and usernames. There is an easier way, however. It's less secure, but it involves a lot less coding.
A downloadable file for this article is available here.
If youíre using a database with your web application, you already have somewhere to store passwords and usernames, and a method for authenticating visitors. But what do you do if the complexity or security requirements of your site donít warrant the use of a database? There may be times when you want certain pages or areas of your site to be viewable by only particular people. A very simple way of doing this involves using a text file with a password stored in it and creating a page that prompts the visitor to enter a password; if the password matches what is stored in the text file, the user is allowed access to the restricted page, but if it doesnít, an appropriate message can be displayed before refreshing the start page.
For further security, you can also encrypt the password that is stored in the text file with a one-way hash so that if the contents of it are discovered somehow, it will still be very difficult to ascertain. All of this can be done with methods built into PHP. It takes surprisingly little code.
Before getting started, youíll need an environment to test and work with PHP in, so youíll need to have a web server installed and configured for PHP. Apache works well with PHP and is easily installed and configured, so Iíd recommend using this set up.
First of all then, you need a page to hold the text box that will receive the password from the visitor and the submit button to send it to your PHP file. This can be a new page or part of an existing page on your site, whatever you think best. A block of code as simple as the following should suffice: