Frequently Asked Questions

• What is phpSecurePages?
• phpSP doesn't remember my login data so I have to log in on each page
• If someone is logged in, can I use their information on my page?
• I get an error saying: Cannot send session cookie - headers already sent
• I get an error saying: Failed opening file for inclusion
• I get an error saying: Failed to open /tmp/sess_...
• I get an error saying: Warning: Undefined variable: message in phpSecurePages/secure.php
• Are other databases supported?
• How can I manage the users in the database?
• How do I add more user accounts without a database?
• Is it possible to rename the file extentions to other extensions then .php?
• I have existing .html or .htm pages that I need to protect. What can I do?

phpSecurePages is a PHP module to secures pages with a login name and password. It can handle multiple user groups (each with their own viewing rights), store data in a MySQL database or a configuration file, and be used to identify your Web site viewers. It also has multiple language support and session support for both PHP4 and PHP5.

This is indeed not the intended behaviour, since phpSecurePages should remember your login data as long as your browser stays open.
If you have to log in on every page, there probably is an error somewhere on your server. Please check if the php session coding works OK, if you have correctly created the database as laid out in the documentation and if your browser accepts cookies.

login name:   $login
        password:     $password
        user level:   $userLevel
        ID code:      $ID
        

Error shown:

If you get an error like the one shown above, the calling line of the script (see below) is not placed on the very first line of your page. Solve this by putting this line at the start of your document.

<?PHP include("phpSecurePages/secure.php"); ?>

Error shown:

First check if the variable $cfgProgDir is entered correctly. If so, you are one of the unfortunate people who have a server which can't handle environmental variables correctly. The HTTP_HOST variable doesn't point towards the right location, so phpSecurePages can't find the files it needs to include.
There is no solution for fixing this variable. But you can work around it manually. You have to change something in the file secure.php . Change the variable $cfgProgDir on line 105 (also shown as the last line below) to the correct location (where the files of phpSecurepages are).

In the file 'secure.php':

/**********************************************************/
        /*           End of phpSecurePages Configuration          */
        /**********************************************************/


        // https support
        if (getenv("HTTPS") == 'on') {
                $cfgUrl = 'https://';
        } else {
                $cfgUrl = 'http://';
        }

        // getting other login variables
        $cfgHtmlDir = $cfgUrl . getenv("HTTP_HOST") . $cfgProgDir;
        $cfgProgDir = "MyLocation of the Directory with the Files";
        

Error shown:

There is a problem with the configuration of your php version. Edit you file php.ini to correctly set the temporary directory for session files.

This is a problem with the configuration of PHP on your server. Please make sure that in the config file php.ini the variable 'error_reporting' does not include E_NOTICE.

A correct setting could be like this:

No, at the moment there is only support for a MySQL database connection.
I do however have obtained the code for several database classes, so when this code is build into the application, the usage other databases will be possible. For now, I can't tell yet, when that will be finished.

At the moment there are no admin tools available with phpSecurePages for the user database.
I have however, made it very easy to add extra code to the program. So, you have to make the code for adding users to the database yourself, or use available database management tools. I suggest you use a package like phpMyAdmin for database management.
You can, of course, also add the users manually in the file 'config.php'.

Q: I would like to know how I will be able to add more user accounts (without a database).
Say I want 12 users with different usernames and passwords to have access to level 1. Can I add more than 1 user/pass to config.php or do I need the database connection for this?

A: Yes it is indeed possible to create more then one user on the same access level without a database, just create more array-levels.

Sample of additional array-levels:

...

        $cfgLogin[11]     = 'Username';
        $cfgPassword[11]  = 'Password';
        $cfgUserLevel[11] = '1';
        $cfgUserID[11]    = '';

        $cfgLogin[12]     = 'Username';
        $cfgPassword[12]  = 'Password';
        $cfgUserLevel[12] = '1';
        $cfgUserID[12]    = '';
        

Yes, this is possible, you have to make sure however that also the links in the code are updated.
Furthermore, you have to make sure that all pages are parsed by the PHP engine. Warning: this is not the case for .html on default configurations of a server. You have to make sure that the server treats those files as php files. If you are running Apache, you are in luck. All you have to do is modify your .htaccess file: For .html pages:

You can use the same phpSecurePages code to protect your .htm or .html pages, but you will need to tell your server to send the pages to the PHP preprocessor first, before giving the page to the public. If you are running Apache, you are in luck. All you have to do is modify your .htaccess file: For .html pages: