User authorization

Hello,

This is a question regarding user authorization.
I've set of files in my directory and i want to put up a log in screen to enter the user name and password to view any files in the working directory.well, i made it so!
Index.php is my screen for log-in details.

when the user is logged in successfully,main.php will be shown.Now, my question is, when the user tries to view main.php or any other php files in my directory,it should pop up my log-in screen that is index.php.How can i do this?

This is the code which i used for index.php.

<?php
$myuser = "admin";
$mypass = "pass";

if ($user == $myuser && $pass == $mypass)

{
header ('location: main.php');

}

else
{
echo"<form action="$PHP_SELF" method="POST">n";


}

?>

-----Here follows my HTML code for screen display------
Thank you

what you should do is, when they type in the correct login info, set a cookie on their system, then if they try to go to another page, run a script that asks if the cookie is there, if not, then display the login screen

hope thats some help

Ne other suggestions other than setting cookies?

if you dont wanna use cookies, you could always use sessions instead

try reading this article on restricting access to files via .htaccess files.
http://www.devarticles.com/art/1/15

<?php
//this uses sessions - see the php manual if you are confused on this part
session_start(); //start session
//see the php manual for the reasons on the SID part
?>
<html>
<head>
</head>
<body>
\file.php should be the file that
\checks if the username and password
\ are correct
<form method="POST" action="file.php">

<?
//setting the error messages to match the type of error

//this message is if no username/password pair is entered
if ($error==1){
echo "<font color="#FF0000" face="arial" size="2">";
echo "Invalid Login - Please try again";
echo "</font>";
echo "<br>";
session_destroy();
}
//this message is if the wrong username/password pair is entered
if ($error==2){
echo "<font color="#FF0000" face="arial" size="2">";
echo "Unauthorized Access - Please Login";
echo "</font>";
echo "<br>";
session_destroy();
}

//this message is if the cookie has expired
if ($error==3){
echo "<font color="#FF0000" face="arial" size="2">";
echo "Session has expired - Please Login";
echo "</font>";
echo "<br>";
session_destroy();
}

//setting the form now for input
?>
name:<br>
<input type="text" name="username" size="20">
<br>
password:
<br>
<input type="password" name="password" size="20">
<br>
<input type="submit" value="Submit" name="B1">
<br>
<input type="reset" value="Reset" name="B2">
</form>
</body>
</html>

if you plan on using it for multiple users, you should implement uniqid(rand(), 1) to assign each user the uniqid and storing its MD5 in the cookie.

(This happened to me, when my cookies were too easy to forge. This method makes it substantially harder)

Hello,

can some body help me in modifying my code little bit.
I'm trying to put up a log-in screen, the user name and password is hardcode.If the user does'nt enter the login details and press submit, it should check for error 1 and if the login details are not correct it should check for error 2.
Hope somebody would help me.

thank you

<?php
session_start();
?>

<?php
$myuser = "admin";
$mypass = "pass";

if ($user == $myuser && $pass == $mypass)

{
header ('location: main.php');

}

else
{
echo"<form action="$PHP_SELF" method="POST">n";

}
?>

<?

//To check if no user name and password is entered.
if ($error==1){
echo "<font color="#FF0000" face="vendana" size="2">";
echo "Invalid Login - Please try again";
echo "</font>";
echo "<br>";
session_destroy();
}

//To check if user name and password entered is wrong

if ($error==2){
echo "<font color="#FF0000" face="vendana" size="2">";
echo "Unauthorized Access - Please Login";
echo "</font>";
echo "<br>";
session_destroy();
}

//To set the form for input

?>
Herez my html code which displays the log-in screen.