Password Protect SmartAdmin

greenspun.com : LUSENET : S-Mart Shopping Cart : One Thread

Thought I'd share this one with you. just hope I can explain it ok. You may need to view the source of this page if this form changes my posting... Just after the line - $command = $FORM{'command'}; :insert this: if ($FORM{'pword'} ne $pword){ print "Content-type: text/html\n\nForget the password??\n"; exit(0); } in Smartcfg add: $pword = "shazam"; # your password # search SmartAdmin for - command - and add to the end of each: \&pword=$pword\ example: form method=POST action=\"$adminurl\?command=delete\&pword=$pword\

The first time toy access smartadmin you will need to add ?pword=shazam to the address example: www.something.com/cgi-bin/smartadmin.cgi?pword=shazam

Eddie Deboard www.TheComputerFolks.com

-- Eddie Deboard (eddie@writeme.com), February 14, 2000

Answers

GOOD WORK EDDIE: Here's how to make it simpler: # In Smartadmin.cgi # Just after the line - &parse_form; # Insert this: if ($FORM{'pword'} ne $pword){ print "Content-type: text/html\n\n\n"; print ""; print "
"; print "
ENTER YOUR PASSWORD
\n"; print "\n"; print "
\n"; print "
"; exit(0); } # In Smartcfg.cgi add: $pword = "shazam"; # your password # search SmartAdmin for - 'command' - and add to the end of each: # \&pword=$pword # example: form method=POST action=\"$adminurl\&pword=$pword Now the first call to the script will prompt the administrator to send a form for the password. This is really a nice contribution, Eddie. .htaccess is only a little better.

-- gregory Swofford (computer@web-store.net), February 14, 2000.

Great Idea, Im putting this in now. Along with changing the file names to cryptic ones.

-- Mike Brazier (mike.b2@virgin.net), March 06, 2000.

Moderation questions? read the FAQ