Password protect web pages by adding one line of PHP code to the page source. Script will show login form to protect content from unauthorized access. Includes login form, signup form, password reminder, and user management page for admin. Uses flat file database, no MySQL required. Can be set up to redirect after successful login.

Installation:

Update settings.php to match your needs (admin password, login form, signup form, and reminder form settings)
Upload password protector (all the files from the package) to your server
Set write permissions on users.php (users list file)
Open User Manager manager.php in your favorite browser (it will prompt for admin password from settings.php). You'll see:
- Logout link
- Protection string to be added at the top of each page you want to protect
- List of users (Username, Password, Email, Redirect URL)

How to protect a webpage:

Add protection string (available on User Management page) to each php page you would like to protect, at the very beginning of the page source (it must be the first line).
For example you want to protect page members-only.php.
- open source code of the members-only.php in your favorite editor
- add the protection string (see above on how to get the protection string) at the beginning

How to link to login form:
You can add a link to login form from on any of your pages.
If you saved password protector in "protect" folder on your server, sample html code for link would be:
<a href="http://www.example.com/protect/login.php">Login</a>

How to link to signup form:
You can add a link to signup form from on any of your pages.
If you saved password protector in "protect" folder on your server, sample html code for link would be:
<a href="http://www.example.com/protect/signup.php">Signup</a>

How to link to password reminder form:
You can add a link to password reminder form from on any of your pages.
If you saved password protector in "protect" folder on your server, sample html code for link would be:
<a href="http://www.example.com/protect/reminder.php">Password Reminder</a>

Note: login form, signup form, and password reminder form have its own header and footer templates. Find more information about password protector advanced on the forum.

Download Advanced Password Protect

Comments

November 15, 2007

is there a way to approve registration when a new user uses the signup form

dedi November 15, 2007

this really really good script :) thanks anyway.

frank November 19, 2007

Perfect!!

john December 2, 2007

I added the protection string to the very first line of my php file code as suggested, but when i try to access the page with that code i get the following "Cannot find users list!" What am i doing wrong or is this a bug.

tim December 14, 2007

I get the same "Cannot find users list" error.

http://www.parisnajd.com December 15, 2007

thanks it's great

Ryan December 16, 2007

This is an amazing script!
Also, thank you for the great documentation. It helps while problem solving.

tim [anti-spam] highestpraisetabernacle.org January 19, 2008

Will This script protect a .html page?

January 26, 2008

This is really a great script.
Thank you by clear documentation.

Luiz Carlos

hypocrite420 [anti-spam] rediffmail.com January 28, 2008

Great,but notcompleted at all- i think so.

March 4, 2008

after the user sign up to viewed protected page. Everytime they come back, they need to sign up again.. how do i make that so, user no need to sign up again and again.
BTW. This is nice script.

thx

sam March 5, 2008

Is anyone figure out how to fix that cannot find user list errors?
Please help.

dreamzdb [anti-spam] gmail.com March 13, 2008

To fix the user list error go into your settings file and change the 9th line from "define('USERS_LIST_FILE', 'users.php');" to define('USERS_LIST_FILE', '../users.php');

** or change it to the full URL of that file location.

dreamzdb [anti-spam] gmail.com March 13, 2008

CORRECTION

The above solution will cause problems with the manager.php file.

** Instead: Change line 13 in login.php to read

$users = @file('../' . USERS_LIST_FILE);

daveeee1234 [anti-spam] hotmail.com March 26, 2008

i need a little help . if my site is made of html pages , can i add a few pages of php ? can a site contain both html and php ? would someone like to help me do it ? i already have the html site set up , but i need help to make a password protected page for multiple user accounts ?if you want to help me , add me to msn daveeee1234@hotmail.com i know it isnt much , but ill pay you 25 bucks . please and thank you

rizvishahab [anti-spam] rediffmail.com March 28, 2008

problem in new user's signup
error is :
cannot ad new user in database

rizvishahab [anti-spam] rediffmail.com March 28, 2008

plz. solve my problem

I get the error "Cannot add user to database" error.

lordtrini [anti-spam] gmail.com April 1, 2008

anyone know of something with simular features but with mysql database...

rdl April 25, 2008

how do i set "write permissions" on user.php ???

i am thinking that is the reason why i keep trying to signup and getting the error message "cannot add user to database".

help appreciated!

Tim April 28, 2008

Didn't work. Did everything in the readme.

James May 2, 2008

This is fantastic. Worked right out of the box. Any trouble I had was my own dumb fault. Thank you guys for being so generous with your scripts!

jay-smith [anti-spam] hotmail.co.uk May 7, 2008

hi it works great 4 me but the sign in doesnt work =( can you help please it says "Cannot add user to database" because of "Permission denied in /home/a6348610/public_html/members/signup.php on line 97
" ?????? please help

asheikha [anti-spam] gmail.com May 10, 2008

This is really a good script.

http://www.browsespan.com

a May 10, 2008

its great but the signup.php has an error on line 97

May 30, 2008

this script rocks. thanks.

June 15, 2008

It would be great if you take the care to provide examples/demo of your scripts.

I even suggest that you make them Commercial with added features, easy support and installation and congrats for your efforts and time in making great scripts.

That's said, being not a programmer or a whiz genius like you, kindly provide whenever possible Simple Easy Steps Help. Thank You.

Rgds
Akshaye

peter June 21, 2008

can someone post a log out link on here
thanks

msbarnabas [anti-spam] gmail.com June 27, 2008

Instead: Change line 13 in login.php to read

$users = @file('../' . USERS_LIST_FILE);

I did this correction for the cannot find user list problem... But even then it isn't working. Please someone help me

west158 July 18, 2008

OMG every single login doesnt work, but this one, OMG it boody works, if i had (seriously - im not drunk) 1mill, i would donate it to this script, i would donate to this site for my life if i could. thanks i have been looking for this type of script for ages and it works

Doofus July 29, 2008

How do I set "write permissions" on user.php ???

August 6, 2008

Has anyone turned on the admin user name for login? If so, how?

For people who have "can't find user list" error - I got around it by putting all files (pages and protection) in the same folder. No code changes needed.
If you are using Filezilla FTP, you can change write permissions by right-clicking the user.php file in FZ.

sssssss [anti-spam] ddd.com August 8, 2008

sssssssss

dex September 3, 2008

is it possible to easy add redirection based on login?

Thanks!

September 4, 2008

added to every page when try to access protected page never loads the page stays on the login page. What's wrong?

beatson September 14, 2008

How do I set "write permissions" on user.php ??? i keep getting cannot add user

redicedesigns.com September 25, 2008

In order for you not to get the "Cannot add user to database" error, you have to change the rights on the actual server, not the PHP files. For example changing it from:
"rw- r-- r--" to "rw- rw- rw-"

mike September 26, 2008

I have a demo website for some testing proposal, and I want visitors of my site to request username and passwords for testing demo. For some security reasons
I need the script should automatically drop the user from user,php upon login.
So when he logout must request for new username and passwords.
Is there any way in login.php to add some code that will get $login and $pass from login form and remove or change their value in user.php
Or perhaps some other solution.

neex1233 [anti-spam] aol.com September 27, 2008

User signup

Fatal error: Using $this when not in object context in /home/thenicow/public_html/123/signup_form.php on line 3

comes up on the register page. What do I do? Tell me at neex1233@aol.com.

September 29, 2008

CAN YOU GUS NOT SEE THE MESSAGE POSTED CLEARLY TO THE RIGHT OF THE COMMENT FORM????????
LET ME HELP OUT BY REPEATING IT HERE:

''!!! Comments posted here will not be answered. If you want to ask a question please post it on the forum.''

October 1, 2008

The following worked for me on the setting page to fix the user list not found error. Just replace with your own servers path.
define('USERS_LIST_FILE', 'C:\\Inetpub\\wwwroot\\apps\\compuware\\users\\users.php');

Shayak Banerjee October 13, 2008

How to protect a web-application from duplicate user log-in, that is logging-in with same username and password, But creating different session's.I think with this a user can violet the basic law's of physics, making more than one request at a time. I've tried many experiment but I was unable to come up with a feasible solution, Please tell me one with which I can protect my web-app from this issue.Send me at: shayak_banerjee@hotmail.com

will October 16, 2008

amazing script

Jack November 16, 2008

can anyone make this script send an email to the administrator when someone signs up?

Evan November 16, 2008

Can anyone tell me why I'm getting this error?

Warning: Cannot modify header information - headers already sent by (output started at /home/bouncear/public_html/southparkmobile/vipaccess/login.php:4) in /home/bouncear/public_html/southparkmobile/vipaccess/login.php on line 96

Warning: Cannot modify header information - headers already sent by (output started at /home/bouncear/public_html/southparkmobile/vipaccess/login.php:4) in /home/bouncear/public_html/southparkmobile/vipaccess/login.php on line 108

Colin November 18, 2008

Ok can someone please help me. When i try to put a new user it says can not add to data base why is this? It also says cannot find user list when i try to log in. One other question: what is the original admin log in?

tommy November 26, 2008

I find it great..but it's a little confusing on how it works. could u tell us or make a place to insert a link to login page and a place to put in the users password because this is confusing

orlandoech [anti-spam] yahoo.com December 2, 2008

Is it possible to add redirection based on user login?

so i.e; XYZ logs in and goes to /xyz.html, ABC logs in and goes to /abc.html

December 9, 2008

Someon can help me with this error?

Warning: fopen(users.php) [function.fopen]: failed to open stream: Permission denied in /home2/pmoreira/public_html/protect/signup.php on line 97

December 26, 2008

I need a script! my site don't accept php files!

acolema2 [anti-spam] gmail.com December 26, 2008

For those that are having the "can not find userlist error", here is what I did to fix it.

I have my files in a serpate folder so I changed the USERS_FILE_LIST definition in the settings php to read:

'../ppa/users.php'

after that it worked fine. It tells the server to go down a server, then into the ppa folder, where my users.php is stored.

Hope this helps.

dj.danc3r [anti-spam] gmail.com December 27, 2008

This script will work ONLY on PHP.
As the code is supported only for PHP.

If you want to use it on HTML it won't work so contact the host of your website and ask them if they can enable PHP for you.

acolema2 [anti-spam] gmail.com December 27, 2008

Fatal error: Using $this when not in object context in /home3/snapplex/public_html/whatgrade/ppa/reminder_form.php on line 63

Anyhow know how to fix this?

December 31, 2008

only change file Permission to 777
only change file users.php Permission to 777

Antony January 5, 2009

Hi Guys

I can't add more than 50 lines in users.php, no errors, nothing...

Any suggestions?

January 9, 2009

i have this two problem
Warning: Cannot modify header information - headers already sent by (output started at D:\www\t2_index.php:1) in D:\www\password_protect_advanced\login.php on line 67

Warning: Cannot modify header information - headers already sent by (output started at D:\www\t2_index.php:1) in D:\www\password_protect_advanced\login.php on line 79

plz help

confuzion January 11, 2009

hey to anyone having problems make sure u try this,

go to the program you use to upload files, i use cuteftp and after u upload the files right click users.php and click the option called chmod and then check mark write for all 3

this is prob why your having errors, if your using a free website then just give up

confuzion January 11, 2009

if your not chmoding the file that means your not giving the website permission to write to the file when new people sign up

Cris March 15, 2009

Killer.
Thanks a lot.

Paula Wol March 21, 2009

excellent stuff. This works beautifully, thanks!

Ernst April 8, 2009

for the ppl with user problems: change the path to the same link as you get generated to protect your page's without the login.php" with the users.php'

Dzizys June 1, 2009

It really helps me . thx brothers and sisters...

jyarnold [anti-spam] att.net June 2, 2009

I figured out the redirect based on username, now I'm wondering, does this script have any sort of encryption? By the way, this is awesome!

Bry Gee June 3, 2009

Great Script!!
Having 3 header and footer files, could this go to just one of each and just add a string to the page titles?
ie $title ='Please enter your username';

June 3, 2009

BRILLIANT!!! THANKS ZUBRAG ;)
css added and files rearranged

working example http://www.lincolnnational.co.uk/login.php

Will make this available if ok with Zubrag

Davidmsilver18 [anti-spam] gmail.com June 5, 2009

Has anyone figured out how to fix the 'Cannot find users list!' problem???

Bry Gee June 17, 2009

what link do you have in the settings?

you can do a direct link

ie define('USERS_LIST_FILE', '/homepages/42/h45454545459/htdocs/4mysite.co.uk/users.php');

may be the better option than
define('USERS_LIST_FILE', 'users.php');

Pontus June 23, 2009

The question was asked before but I ask it again. How to make users who signed up only sign up once and then they can use their login info to login without signing up again?

Thanks

bob June 24, 2009

great setup, thanks so much.

one question - is it possible to keep a log of a user's last login?

June 24, 2009

The last version is 1.1 or Password Protect was updated to a more new ?

steve June 27, 2009

help, log out script?????

jan [anti-spam] cmd.com.my July 11, 2009

nice stuff. i will be using this to add to a folder before the user can reach the cubecart 3. see test on www.no1.com.my/shop

Kiesha July 22, 2009

I have cpanel and I went to my files manager. do I go to password protect directories or file manager? and what file do I download it under or to?

linfidel August 24, 2009

Answer to your questions:
* Look up the word "Comment" in a dictionary.
* Post your questions in the forum.

This is for comments. If you can't understand that, turn off your computer now, you are a danger to the internet.

Disclaimer: I have no affiliation with this site, I am just a programmer who is not totally lame.

John August 27, 2009

"BRILLIANT!!! THANKS ZUBRAG ;)
css added and files rearranged

working example http://www.lincolnnational.co.uk/login.php

Will make this available if ok with Zubrag"

I LOVE WHAT YOU DID!!! CSS AND ALL THAT...

ZUBRAG ARE YOU APPROVE? SO HE CAN MAKE THIS AVAILABLE.....

THANK YOU ZUBRAG!!! FOR ALL YOUR HARD WORK..... AND SHARING THIS SCRIPT

luci_unikatu [anti-spam] yahoo.com August 28, 2009

the script it's great but i want to see the date when the user was registered

qwertyuiop August 30, 2009

thankyou for this!

dean_cochrun [anti-spam] yahoo.com September 8, 2009

Ok for cannot find user list file change these two files

Manager
Line 6 from this $data_file = USERS_LIST_FILE; to this $data_file = 'users.php';

Settings
From this define('USERS_LIST_FILE', 'users.php'); to this ('USERS_LIST_FILE', 'full/path/to/file/users.php');

radi50 [anti-spam] hotmail.com September 25, 2009

September 30, 2009

gshaun October 5, 2009

hi. wonderful script. does it come with a captcha?

Seanagin [anti-spam] yahoo.com October 15, 2009

Sean park

Seanagin [anti-spam] yahoo.com October 15, 2009

Sean

kevin [anti-spam] jmldesign.com October 28, 2009

Hi, I like the script, except that when I log out, I can still go back to the page, so it's really not logged out. Any advice on that?

October 29, 2009

thanks, got it figured out.
one question, i have it set up for each user to have their own page. when i log in as a user, i can easily type in another users page and have access to it. Is there a code or a way to make sure that only that one logged in user has access to only their page and no one elses? maybe a line that excludes everyone except that 1 user to access each page?

drhasan November 1, 2009

Thanks for this script

http://www.hipokratus.com

November 9, 2009

a truely awesome script that works first time. Thank you. Thank you. Thank you. Thank you!!!!!!!

eshanne November 13, 2009

is there any databases i need to add? because i can't login nor signup the form.. help me please..

p759624 [anti-spam] ymail.com November 14, 2009

Thanks

January 24, 2010

its really good script thanks for it

http://www.notalar.1harika.com

laltea [anti-spam] gmail.con January 24, 2010

its really cool
but i have problem whenever i entered the password protected page i get message on the top page as
Warning: Cannot modify header information - headers already sent by (output started at /home/derhken/public_html/page39.php:7) in /home/derhken/public_html/login.php on line 101
what can be the resaon

Gary January 28, 2010

This is AWESOME!!!works like a dream!

aiehfi [anti-spam] yahoo.co.in February 7, 2010

Hello! The whole script is working well but I want those who forgot password to get it when they fill "password reminder" file. There is only one space for messaging writing. will the same message reach all. If I write password there, despite having different password for different users, they all will get the same one password. what to do? Please help

bobby February 25, 2010

Great script. Can I add more fields to the sign up form?

Kuhn1996 [anti-spam] Web.de February 27, 2010

Hallo

March 9, 2010

How can I implement payment option to my php code

CookieMonster March 10, 2010

In manager.php, I see a user.def file name. What do I do with that? I know I need to do something because when I try to log into the manager file on my server, I am getting errors, after logging in to the manager file, in relation to user.def. Can someone please explain how I create this file or what I need to do to stop getting these errors? Thanks!

annasue [anti-spam] comcast.net March 13, 2010

I'm new to this and, so far, it works well. I believe I've edited everything I'm supposed to but when I'm accessing the manager.php and click on "logout", I get this message, even though the file is there in that direcoty:
http://www.cliftscovemadison.com/protect/manager.php?logout=1
Web page cannot be found.

Add Comment

!!! Comments posted here will not be answered. If you want to ask a question please post it on the forum.

Free PHP Scripts :: Advanced Password Protect

Download Advanced Password Protect

Comments

Add Comment