Zubrag.com
October 19, 2018, 05:35:36 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
 
   Home   Help Search Login Register  
Pages: [1]
  Print  
Author Topic: usernames/passwords in external file?  (Read 10869 times)
thejohnson4
Newbie
*
Posts: 28


« on: April 26, 2007, 02:24:41 PM »

Hi,

I have the Password Protect script working perfectly on my site, however, i was wondering if there is a way of having the usernames etc listed in an external file (i.e. not listed in the main password_protect file)??

Note: they would obviously be in the same format:  'user' => 'pass', etc.....  but just in a seperate file (for security).

How would i do that? 

Many Thanks,

Adam

p.s. i have adjusted the script for multiple redirect etc as shown here: http://www.zubrag.com/forum/index.php/topic,143.0.html

Logged
zubrag
Administrator
Hero Member
*****
Posts: 788


WWW
« Reply #1 on: April 26, 2007, 03:33:11 PM »

Hi Adam

Try password protector with security levels (groups). Download using the link in last post.

http://www.zubrag.com/forum/index.php/topic,72.0.html

In this script you define passwords in separate files (one file per group).

Does it help?
Logged
thejohnson4
Newbie
*
Posts: 28


« Reply #2 on: April 26, 2007, 04:47:22 PM »

Hi,

Thankyou for replying so quickly - but you got the wrong end of the stick (my fault entirely, didn't explain myself v well!).

I have the different group levels/multiple users setup, and presently are all listed in the main password_protect.php file.

What i want to do though - basically, is to make a very simple signup form that writes to a text file, then that file is called from the main password_protect one).


Do you have any more ideas? many thanks,


Adam
Logged
zubrag
Administrator
Hero Member
*****
Posts: 788


WWW
« Reply #3 on: April 27, 2007, 03:13:19 AM »

Unfortunately password protector does not support sign up yet. I'll add signup with email validation this weekend.
Logged
thejohnson4
Newbie
*
Posts: 28


« Reply #4 on: April 27, 2007, 01:12:14 PM »

Thanks - that will be great if you could!

Would it be possible to have the user-redirect addition (shown in the link above) included too?

so that admin can sign people up - providing a username, a password, and where youd like them to be redirected?


That would be fantastic.... thankyou again.


Adam
Logged
husker
Newbie
*
Posts: 13


« Reply #5 on: May 18, 2007, 12:02:50 PM »

The php die at the top of the username file is very clever.

Do you think the php die is sufficient for protection?

I was originally planning to move this file out of webroot for security purposes - would this be over-kill or introduce other problems?
Logged
zubrag
Administrator
Hero Member
*****
Posts: 788


WWW
« Reply #6 on: May 18, 2007, 12:58:32 PM »

Hackers should not be able to view users list unless web server (Apache, IIS) fails or is mis-configured.

But moving users file outside webroot will make it even more secure. Go ahead, this will not introduce any problems.
Logged
Pages: [1]
  Print  
 
Jump to:  

Powered by SMF 1.1.11 | SMF © 2006-2009, Simple Machines LLC