phpSecurePages logo

phpSecurePages is FREE
for non-commercial use
.
For commercial use, please
purchase a license by clicking
on the button below.

Frequently Asked Questions

phpSecurePages is a PHP module to secures pages with a login name and password. It can handle multiple user groups (each with their own viewing rights), store data in a MySQL database or a configuration file, and be used to identify your Web site viewers. It also has multiple language support and session support for both PHP4 and PHP5.

This is indeed not the intended behaviour, since phpSecurePages should remember your login data as long as your browser stays open.
If you have to log in on every page, there probably is an error somewhere on your server. Please check if the php session coding works OK, if you have correctly created the database as laid out in the documentation and if your browser accepts cookies.

Yes, this is possible. The following variables have been set, and can thus be used on the page.

login name: $login password: $password user level: $userLevel ID code: $ID

Error shown:

Parse error: parse error in /user/www/phpSecurePages/session.php on line 1

Warning: Cannot send session cookie - headers already sent by (output started at /user/www/phpSecurePages/session.php:1) in /user/www/phpSecurePages/logout.php on line 1

If you get an error like the one shown above, the calling line of the script (see below) is not placed on the very first line of your page. Solve this by putting this line at the start of your document.

<?PHP include("phpSecurePages/secure.php"); ?>

More specifically, no code that outputs to the page may be placed above this line, like commands as 'echo', 'print' and header information.

Error shown:

Warning: Failed opening '/user/www/phpSecurePages/secure.php' for inclusion in /user/www/index.php on line 2

First check if the variable $cfgProgDir is entered correctly. If so, you are one of the unfortunate people who have a server which can't handle environmental variables correctly. The HTTP_HOST variable doesn't point towards the right location, so phpSecurePages can't find the files it needs to include.
There is no solution for fixing this variable. But you can work around it manually. You have to change something in the file secure.php . Change the variable $cfgProgDir on line 105 (also shown as the last line below) to the correct location (where the files of phpSecurepages are).

In the file 'secure.php':

/**********************************************************/ /* End of phpSecurePages Configuration */ /**********************************************************/ // https support if (getenv("HTTPS") == 'on') { $cfgUrl = 'https://'; } else { $cfgUrl = 'http://'; } // getting other login variables $cfgHtmlDir = $cfgUrl . getenv("HTTP_HOST") . $cfgProgDir; $cfgProgDir = "MyLocation of the Directory with the Files";

Error shown:

Warning: open(/tmp/sess_cd63ba930a0e37a8e4f46d6c04e5akb1, O_RDWR) failed: m (2) in d:/www/phpSecurePages/checklogin.php on line 62

There is a problem with the configuration of your php version. Edit you file php.ini to correctly set the temporary directory for session files.

This is a problem with the configuration of PHP on your server. Please make sure that in the config file php.ini the variable 'error_reporting' does not include E_NOTICE.

A correct setting could be like this:

error_reporting = E_ALL & ~E_NOTICE    ;show all errors, except for notices

No, at the moment there is only support for a MySQL database connection.
I do however have obtained the code for several database classes, so when this code is build into the application, the usage other databases will be possible. For now, I can't tell yet, when that will be finished.

At the moment there are no admin tools available with phpSecurePages for the user database.
I have however, made it very easy to add extra code to the program. So, you have to make the code for adding users to the database yourself, or use available database management tools. I suggest you use a package like phpMyAdmin for database management.
You can, of course, also add the users manually in the file 'config.php'.

Q: I would like to know how I will be able to add more user accounts (without a database).
Say I want 12 users with different usernames and passwords to have access to level 1. Can I add more than 1 user/pass to config.php or do I need the database connection for this?

A: Yes it is indeed possible to create more then one user on the same access level without a database, just create more array-levels.

Sample of additional array-levels:

... $cfgLogin[11] = 'Username'; $cfgPassword[11] = 'Password'; $cfgUserLevel[11] = '1'; $cfgUserID[11] = ''; $cfgLogin[12] = 'Username'; $cfgPassword[12] = 'Password'; $cfgUserLevel[12] = '1'; $cfgUserID[12] = '';

Yes, this is possible, you have to make sure however that also the links in the code are updated.
Furthermore, you have to make sure that all pages are parsed by the PHP engine. Warning: this is not the case for .html on default configurations of a server. You have to make sure that the server treats those files as php files. If you are running Apache, you are in luck. All you have to do is modify your .htaccess file: For .html pages:

AddType application/x-httpd-php .html

and/or for .htm

AddType application/x-httpd-php .htm

You can use the same phpSecurePages code to protect your .htm or .html pages, but you will need to tell your server to send the pages to the PHP preprocessor first, before giving the page to the public. If you are running Apache, you are in luck. All you have to do is modify your .htaccess file: For .html pages:

AddType application/x-httpd-php .html

and/or for .htm

AddType application/x-httpd-php .htm