.htaccess Password Protection

This tutorial will help you learn how to password protect your file quickly and easily in a few lines of code.

The code can be split up into three if-else statements. Let's take a look at what we will have to do in order to set up the password protection:

1. If the user has not been authenticated, then use the PHP header and ask for a username and password.
2. Else, if the user's name is "spoono" and the password is "spoono", log in. Inside here you would put all the code for the user.
3. Else tell them the user/password failed.

Finally, here is the PHP Code:

<?
//part 1
if (!isset($PHP_AUTH_USER)) 
{ 
    header("WWW-Authenticate: Basic realm=\"Spoono Password.\""); 
    Header("HTTP/1.0 401 Unauthorized"); 
    exit; 
}     

//part 2
else if(($PHP_AUTH_USER=="spoono") && ($PHP_AUTH_PW=="spoono")) 
{ 
   echo "You got in...";
   //place the code for the whole user page in here 
   //you can also set up a redirect to the user page if you want
} 

//part 3
else  
{ 
   echo "<html><body bgcolor=ffffcc>Faiiiiiiiil"; 
   //fail try again
} 
?>

Some notes about this script: it is essential to note that this username and password will last the whole session, that means that as long as that explorer window is open, the name and password will be saved for that realm. So if you mistyped the name or the password, you'll have to close the explorer window and re-open it and try again. Not too tough was it? Well thats it folks. I hope it works out for you and if it doesn't, email for help at webmaster@spoono.com and we'll try to help you out.