How Can I Password Protect Certain Webpages On My Site

[bullrider2]

I am new to website designing and I use Dream Weaver 4 to make my site. I have a password and username protected area on my site. But it is from a bravnet account. I use it for private members and there are expiry dates on the memberships. I have discoverd that if a person is in the private members area of my site. They can save it to there favourites and get in without using there username and password. Each member has to reaply for membership once a year. So if they do not reapply. They will still be able to get in and get my files from my site without membership. If that happens I will have to shut down the files area and start e-mailing the files. I have till November to figure it out. That will be one heck of a lot of e-mailing for me.
So if anyone can help?
I would appreciate it.
Thanks
bullrider2

[daTh0r]

When you want to protect your site you have to use htacces files.These are cryptet with machine spezefic code which is really hard to "crack".And when you want to an flexible database i think you have to use mysql connectet with another script...search for these things with google you will get hundreds of results.

[GreekGoddess]

Here are a couple of overviews on .htaccess:

http://www.widexl.com/scripts/docume.../htaccess.html
http://www.hwg.org/lists/hwg-servers/passwords.html

And here are directories of scripts that will also accomplish the same task...

ASP:
http://www.hotscripts.com/ASP/Script...er_Management/

PHP:
http://www.hotscripts.com/PHP/Script...er_Management/

Perl:
http://www.hotscripts.com/Perl/Scrip...er_Management/

[jhollings]

Contact your hosting company about a secure area. They might offer it and that will be the most secure when dealing with newbie crackers. JHollings

[journy101]

You dont nessisarly have to use .htaccess and .htpasswd to password protect areas of your site.

Here is an example:

Simple Login, Logout, and Session Handling http://www.etronicscomputers.com/doc...rbeginners.htm

In my case, I used php. First I created a simple form, with two fields, username and password, then when it is submited, it gets sent to the same page. On that page, I wrote a php script that opens a file pwds.dat which contains usernames and passwords in this format

user1:encriptedpasswd\nuser2:encriptedpasswd

The username is first searched for, if the username is found inside pwds.dat then the user is valid, then I take the password, and i crypt it useing DES, and compare it to the password in pwds.dat, if they match then the password is corect, I start a session, and register username and password to a session. Then redirect to the page. Else I just display an error like, your password did not match, or you are not a valid user.