我需要构建一个极其简单的单用户身份验证系统。它用于管理后端,我只需要一个用户帐户就可以访问它。我不想创建“用户”数据库。由于只有一个用户,它甚至可能只是一个密码
(不需要用户名)。 JavaScript 警报窗口是输入此信息的好地方。
我以前在供应商“审查”服务器上见过它......如何最好地实现这个?
谢谢!
I need to build an extremely simple, single user authentication system. It's for an admin backend, and I only need a single user account to be able to access it. I'd rather not have to create a "Users" database. Since there is only a single user it could even be JUST a password
(no need for a username). A javascript alert window would be a nice place to enter this info.
I've seen it before on vendors "Review" servers...how best to implement this?
Thanks!
发布评论
评论(3)
对于每个需要身份验证的页面,您可以使用会话来查看用户是否已通过身份验证,如果没有,则将其重定向到身份验证页面。
例如,如果您有一个需要身份验证的 admin.php 页面,您可以这样开始:
然后,authenticate.php 可以是一个要求输入密码的简单脚本。如果密码正确 (
if ($_POST['password'] == "secret")),则只需设置$_SESSION['authenticated'] = true。For each page that needs authentication, you could use the session to see if the user was authenticated or not, and if not, redirect him to the authentication page.
For example, if you had an admin.php page that needed authentication, you could begin with:
Then, authenticate.php can be a simple script that asks for the password. If the password is correct (
if ($_POST['password'] == "secret")), it simply sets$_SESSION['authenticated'] = true.我一直在出于某些管理目的使用此技术:
I have been using this technique for some admin purpouses:
最简单的方法是不创建任何用户表或凭据或会话或任何内容,只需按照 mario 建议使用 .htpasswd 密码保护管理员目录即可。
您可以使用此 教程,以便更好地理解和轻松设置
The simplest way is to not create any user table or credentials or sessions or anything, just password protect the directory for admin as mario suggested using .htpasswd
You can use this tutorial for better understanding and easy setup