I am creating a website and need a "members only" section. I have protected a directory so that when you try and access it a log-in dialog box pops up.
Now here is what I want
I have created a log-in form with a user name and password field. I want to pass that info on to the system so that it uses my page to validate user, not the pop-up box.
Ho do I do that?
I am a designer, not a coder, so if this is a stupid simple thing, please forgive my ignorance.
I remember struggling with this about 10 years ago and not finding a workable solution. You can construct a form that redirects using a URL of the form http://username:email@example.com/protected_dir but that opens you up to all kinds of security problems. Files in a protected directory are more for you and your team than for public consumption. It's a way for you to store documents and files in a way that gives you access to them from anywhere, kind of like Dropbox.
The most common way to do this is to use a server side language like PHP to create a session and then have a bit of script at the top of each page that checks the session to ensure the user is authorized.
This is a multi-step process. It requires a login page to display a form to gather a username and password. Often, the same page can be used to check the user credentials, usually against a list contained in a database so that each user can have their own username and password. A successful match results in a session variable being created that indicates to subsequent pages that a user has been validated. Then, each page with protected content has a bit of script at the top that checks to make sure the session variable is set and the user has been validated and redirects to the login page if they have not been logged in.
The alternatives are to get a membership software like aMember or make do with the ugly popup. I've used aMember for a number of sites and find them to be very secure. The learning curve is not too onerous and they have pretty good support to get you up and running. I have also made the login pages and session variables which are infinitely more customizable but might be difficult for someone not conversant with the server side language.
Here is a simple authorization page with a hardwired username and password.
A proper system is much more involved with calls to a database after encrypting the password, matching the username and encrypted password, branching to handle failed logins, tracking failed logins to prevent brute force attacks and a system to reset forgotten passwords. To me, this is all good, clean fun but to someone without a decade of experience with PHP, maybe a membership system is a better call.
I have a basic Godaddy website builder account I need a page where I can hold my wholesale prices and have some of my customers view them. I see your code for username and password. If I plug that in to a page and it comes up where would that take them once they sign in? I want most of my pages public with exception to the pricing page.
Welcome to the community! Currently our Website Builder does not offer the ability to password protect any pages. It's not possible to script a password requirement into the builder at this time either. Sorry about that!
Thank you for this information. After having found many many references on how to password protect pages (including GoDaddy's help) I finally found this paragraph at the end of such a thread. I appreciate your having provided this information: Currently, our Website Builder does not offer the ability to password protect any pages. It's not possible to script a password requirement into the builder at this time either. Sorry about that!" but mourn the time I spent finding this out. Again, thank you for what you do, I just wish this tidbit was a bit more available. (I realize that this isn't your doing but it doesn't reflect the level of service I have come to expect from GoDaddy.)
Why does GoDaddy help tell me I can when it isn't an option then? There doesn't seem to be a "password protection" page.