Password protection

hey..

I am developing a web application and need it to protected by passwords. I was wondering if there was any way in which the users could create and save their own passwords ?

The other problem that i am thinking about it is... if the password protects www.my.com/index and when entered correctly takes the users to www.my.com/index1... is there any way that when the user types www.my.com/index1 manually in the address bar it will ask him for the password...

thnks for all the help in advance..
AJ
achaljalanAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

COBOLdinosaurCommented:
You have to do security on the server side. What do you have access to on the server?

Cd&
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
php-webdesignCommented:
yes this is possible.

you can use .htaccess and .htpassword, but this is harder to let the users create their own password. (don't know what the effect is of a password protected area when users can create their own pass...)

or you can use a PHP script for this

short explanation of the PHP script:

create a login form, and call this script: (be sure the username and password fields are called: username / password)

<?

$username = $_POST['username'];
$password = $_POST['password'];

//build query
$query = "SELECT * FROM users
   WHERE username='{$username}'
   AND password='{$password}'";
//execute query
$result = mysql_query($query);

//check if there are results
if(mysql_num_rows($result) > 0){
   $_SESSION['username'] = $username
   header("Location: index1.php");
} else {
   die("Sorry, no login details found");
}
?>

the on top of every page:

<?
if(!isset($_SESSION['username'])){
   header("Location: loginform.php");
}
elseif(empty($_SESSION['username'])){
   header("Location: loginform.php");
}
?>

something like this??...
0
achaljalanAuthor Commented:

The server i am using is the websphere application server and have full access to it...
0
php-webdesignCommented:
then you can maybe work with .htaccess if the webserver app is apache...

otherwise you will have to use a server side scripting language
0
php-webdesignCommented:
no objections... author gave no more comments so think it is solved.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Languages and Standards

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.