I’ve been following a tutorial to make a blog in PHP and MySQL. But at the end of the tutorial, the finished blog lets any user who comes to the website edit the categories and post. What would be the best way to limit certain portions of the website to myself? I’ve thought of a login system where only I can log in, or there might be a way in .htaccess. Any suggestions?
Take a look at PHP sessions.
You’ll need some list of users to authenticate against. If this is a database, create a Users table, with columns username and password.
At the beginning of every page you put session_start(). This retains the session between pages.
Create a login page and link. On the login page, you authenticate the passed-in username and hashed password against your list of users. If the user passes authentication, you add a session variable that stores which user is logged in. Also, regenerate the session ID after login to prevent session hijacking.
On every page that requires member access, you check to ensure the user is logged in. If not, you redirect them to the login page.
If you use .htaccess to set up HTTP basic authentication, you’ll want to block just the pages that allow the user to edit the blog.
Consider adding SSL (HTTPS) in either case; otherwise, login credentials can be stolen if people are on an open network.
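The session steps from this answer put together, as an added example that is not part of the original answer. The `$users` array, the function names and the `/login.php` and `/admin.php` paths are assumptions made for illustration; the array stands in for the Users table.

```php
<?php
declare(strict_types=1);

// Constructed sample user list standing in for the Users table
// (username => password hash). Assumption: a real blog would fetch the
// row with a prepared MySQL statement instead.
$users = ['admin' => password_hash('constructed-sample-password', PASSWORD_DEFAULT)];

// Call at the top of every page so the session carries across requests.
function start_secure_session(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start([
            'cookie_httponly' => true,  // cookie not readable from JavaScript
            'cookie_secure'   => true,  // assumption: the site is served over HTTPS
            'cookie_samesite' => 'Lax',
        ]);
    }
}

// Check the submitted credentials; on success record who is logged in.
function attempt_login(array $users, string $username, string $password): bool
{
    $hash = $users[$username] ?? null;
    if ($hash === null || !password_verify($password, $hash)) {
        return false;
    }
    session_regenerate_id(true);        // fresh session ID after login
    $_SESSION['user'] = $username;
    return true;
}

// Call at the top of every page that edits categories or posts.
function require_login(): void
{
    if (empty($_SESSION['user'])) {
        header('Location: /login.php'); // hypothetical login page
        exit;
    }
}

// Body of the hypothetical login.php: handle the submitted form.
start_secure_session();
if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    $user = is_string($_POST['username'] ?? null) ? $_POST['username'] : '';
    $pass = is_string($_POST['password'] ?? null) ? $_POST['password'] : '';
    $ok = attempt_login($users, $user, $pass);
    header('Location: ' . ($ok ? '/admin.php' : '/login.php?error=1'));
    exit;
}
```

Each protected page would call `start_secure_session()` and then `require_login()` before producing any output, since `header()` only works before the response body starts.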