Password Protected Area FAQ

Do I need to know PHP to use this script?

It would certainly help. There is sample code provided that performs most of the functions that you are likely to require. At a minimum you will have to copy and paste the sample code into various pages in order to get the pages to perform the required tasks.

If you don't know anything at all about programming then you may not be able to set up a fully functional membership area using this script. You can always ask for me to provide a quote on setting the whole thing up for you (as I already have the toolkit to use as a starting point I can probably do it cheaper than someone else who has to start from scratch).

How can I ad a login box to multiple pages?

Use the index.php file as a template for any page that you want to add the login box to. There are three pieces of PHP in that page.

  1. The piece at the top has an include to attach the needed functions to the page.
    The logout() call makes sure that when someone returns to this page that they are logged out so.
  2. Set $_SESSION['page'] to the page that you want as the first page seen when someone logs in.
    The call to loginForm() will display the login form at whichever spot on any page you place it on provided that the function is linked in at the top of the page.
  3. The call to lostForm() will display the request for new password form.

You will still need the login.php page as well as that page will validate the password before redirecting to the page specified in the session variable display if an incorrect password is entered or if an attempt is made to access a protected page without logging in first. In thi slast instance the person will be sent to the page that they were trying to access after entering their correct login details on the login page.

How do I make the supplied pages look like the rest of my site?

The admin.php email.php login.php logout.php lost.php and password.php files don't need to be touched. You change the way that those pages look by inserting all of the content that you want to wrap around those form in the inc/cust.php file in the top() and bottom() functions. Those two functions are called from the appropriate spots in those pages to insert your standard page layout around the necessary processing for those functions.

How do I create protected pages?

The main.php page is your template for all of the content pages that you are creating within the member's area. The lines down to allowAccess('N'); are required as they are what sets up the pages to verify that the person is correctly logged in before allowing them to see the page and redirects them via login.php if they are not. The calls to top() and bottom() can be used if you want to wrap the same template around your pages as what you put around the standard pages I supplied or you can code it your own way if you prefer. The other code at the top of that page shows how to link the admin, password, email, and logoff functions into your pages. If you wanted to put then into all of the pages you could move them into the inc/cust.php file.

Why doesn't the link to the Admin page show up?

The reason that the login administration link doesn't appear is that it has the if statement in front of it that tests $access_level == 'A' which ensures that the admin page is only accessible to someone logged in as administrator. The initial login that was set up when you installed the table in the database has a username of admin and a password of password and is configured as administrator. You can use that user to access the admin page to allocate other users as administrator, to change the expiry date for individual member access (change it to a past date to delete someone) and to temporarily lock individuals out if required (by setting their access to Locked). If everyone had access to that page then they could lock you out of your own member's area.

What happens when someone tries to access a protected page?

The script saves the page that they are trying to access in a session variable and then calls the login page. Once they login it then takes them directly to the page that they were trying to access.

I get a fatal error on the session_start() command.

Some hosting accounts do not have a default file set up for session handling so you will need to define your own. You can do this by adding the following two lines of code above the session_start() call in each place where it occurs.


You may need to check with your web host to find out what path to enter in the second line.


This article written by Stephen Chapman, Felgall Pty Ltd.

go to top

FaceBook Follow
Twitter Follow