Password Protection and File Inclusion With PHP

Written by Robert Plank

First off, if you read last week's article by me (the one about site personalization in PHP), I have one addition to make to make your life a little easier. If you didn't read last week's article, read it. It'll help you. You can find it here: utorials/1

Now, remember how we personalized a page for your visitor? This works fine, but what do we do if they didn't use that special link, and just went torepparttar page?

What I'm saying is, if you special personalized page was at but your visitor only went to Instead ofrepparttar 105085 name there would just be a blank spot! Last week I forgot to cover this.

All we have to do to fix it is to tell PHP that if they didn't leave a name, to substitute one in for them. So let's say that if they left their first name blank to make their first name "Friend". This way instead of saying "Dear Oscar:" it would say "Dear Friend:".

Putrepparttar 105086 following line of code JUST ABOVE THE LINE that says something similar to: echo "$f $l" :

if ($f == "") { $f = "Friend"; }

That way, you can use your special personalized page as a normal page and no one will berepparttar 105087 wiser.

Password protection is something you need every once in a while. Whether it's a secret site you're running or justrepparttar 105088 control panel of your favorite script.

Sometimes you don't need a fancy solution like .htaccess if you're only worrying about a single user (you). But JavaScript passwords can be worked around, and HTML-based passwords based on cookies, written in PHP are complicated and take time to write. Htaccess is nice but it's a pain if you just want to use it for one person.

Here is a simple way to use HTTP authentication (the same you see used by htaccess) with just a few lines of code. Below arerepparttar 105089 sample contents of a file you can use.

$myusername = "myusername"; $mypassword = "mypassword"; $areaname = "My Protected Area";

if ($PHP_AUTH_USER == "" || $PHP_AUTH_PW == "" || $PHP_AUTH_USER != $myusername || $PHP_AUTH_PW != $mypassword) { header("HTTP/1.0 401 Unauthorized"); header("WWW-Authenticate: Basic realm="$areaname""); echo "

Authorization Required.

"; die(); }


my main text.

Last week we learned that PHP code can be integrated into your HTML. All you have to do is make surerepparttar 105090 file ends in .php (for example, "firehydrant.php") and it will work. Everything that comes in between this:

/* And this: */


Is treated as PHP code. Everything outside of those tags is treated as plain HTML.

When copying this code over be SURE to include that last line where it says "my main text." Note that "my main text" is located outside ofrepparttar 105091 PHP code brackets. This means that where you see "my main text" can be your normal HTML file!

Take all of this code and Uploadrepparttar 105092 script onto your web server and run it inrepparttar 105093 browser. You should be greeted by a password popup box similar to those you see with htaccess. Enter "myusername" asrepparttar 105094 username and "mypassword" asrepparttar 105095 password. You should be given a page that says "my main text" and nothing else.

Close your browser window (this is very important) and going back to that page. Try enteringrepparttar 105096 wrong info. The box will come up again. You have three tries and then are given that dreadful "Authorization Required" message.

Track your visitors, using PHP

Written by Dennis Pallett

There are many different traffic analysis tools, ranging from simple counters to complete traffic analyzers. Although there are some free ones, most of them come with a price tag. Why not do it yourself? With PHP, you can easily create a log file within minutes. In this article I will show you how!

Gettingrepparttar information The most important part is gettingrepparttar 105083 information from your visitor. Thankfully, this is extremely easy to do in PHP (or any other scripting language for that matter). PHP has a special global variable called $_SERVER which contains several environment variables, including information about your visitor. To get allrepparttar 105084 information you want, simply userepparttar 105085 following code:

 // Gettingrepparttar 105086 information $ipaddress = $_SERVER['REMOTE_ADDR']; $page = "http://{$_SERVER['HTTP_HOST']}{$_SERVER['PHP_SELF']}";  $page .= iif(!empty($_SERVER['QUERY_STRING']), "?{$_SERVER['QUERY_STRING']}", ""); $referrer = $_SERVER['HTTP_REFERER']; $datetime = mktime(); $useragent = $_SERVER['HTTP_USER_AGENT']; $remotehost = @getHostByAddr($ipaddress); 
As you can seerepparttar 105087 majority of information comes fromrepparttar 105088 $_SERVER variable. The mktime() ( and getHostByAddr() ( functions are used to get additional information aboutrepparttar 105089 visitor.

Note: I used a function inrepparttar 105090 above example called iif(). You can get this function at

Loggingrepparttar 105091 information Now that you have allrepparttar 105092 information you need, it must be written to a log file so you can later look at it, and create useful graphs and charts. To do this you need a few simple PHP function, like fopen ( and fwrite (

The below code will first create a complete line out of allrepparttar 105093 information. Then it will openrepparttar 105094 log file in "Append" mode, and if it doesn't exist yet, create it.

If no errors have occurred, it will writerepparttar 105095 new logline torepparttar 105096 log file, atrepparttar 105097 bottom, and finally closerepparttar 105098 log file again.

 // Create log line $logline = $ipaddress . '|' . $referrer . '|' . $datetime . '|' . $useragent . '|' . $remotehost . '|' . $page . " ";

// Write to log file: $logfile = '/some/path/to/your/logfile.txt';

// Openrepparttar 105099 log file in "Append" mode if (!$handle = fopen($logfile, 'a+')) { die("Failed to open log file"); }

// Write $logline to our logfile. if (fwrite($handle, $logline) === FALSE) { die("Failed to write to log file"); } fclose($handle);

Now you've got a fully function logging module. To start tracking visitors on your website simply includerepparttar 105100 logging module into your pages withrepparttar 105101 include() function (
 include ('log.php'); 
Okay, now I want to view my log file After a while you'll probably want to view your log file. You can easily do so by simply using a standard text editor (like Notepad on Windows) to openrepparttar 105102 log file, but this is far from desired, because it's in a hard-to-read format.

Cont'd on page 2 ==> © 2005
Terms of Use