password protect page

[stargazer96]

hello everybody,
is it possible -in a simple way- to password protect a page but without using -any- plugin(s)?
(I read the articols about "members area", but that solution -unfortunatelly- did not fit my needs).
thank you in advance for your help.

[Tata]

what else do you need? what do you mean by pasword protect page?
Members area and/or register plugin are the best solution written for CMSimple of all versions.
Members are may not work correctly with CMSimple-XH.1.6.6

[stargazer96]

hi Tata,

thank you for your answer.
as I already wrote 'members area' did not suit my needs.
I wish to password protect <h1>Test</h1> page. that's all.
can anybody help, is it any possibility to do it?
thanks.

[cmb]

as I already wrote 'members area' did not suit my needs.

It seems to be noteworthy that you're probably looking for a solution for classic CMSimple (CMSimpe 3.2?)

I wish to password protect <h1>Test</h1> page. that's all.
can anybody help, is it any possibility to do it?

Well, a simple solution not suited for strong security requirements and somewhat inconvenient seems to be possible. Just add the following code to cmsimple/functions.php:

Code: Select all

$temp = 'test'; // enter real password here
if (!$adm && $su == 'Test' // enter real page URL here
    && (!isset($_GET['userpass']) || $_GET['userpass'] != $temp)
) {
    $c[$s] = <<<EOS
<script type="text/javascript">
var pass = prompt("Enter password");
if (pass == "$temp") {
    location = location + "&userpass=$temp";
}
</script>
EOS;
}

You may want to change the password and maybe the page URL (see the comments). Note that this requires the user to have JavaScript enabled (or to type in the password into the URL manually). Note also that the identation of the code must not be changed.

[stargazer96]

dear Christoph,

your guess is correct
thank you very much for this simple but valuable solution!

[manu]

Password cleartyped in the sourcecode?? This is an invitation.
Why not just hide the page in the menu set by page params, and publish the link of the page to the people allowed to? This protection is at least as strong and doesn't need any core hack.

[stargazer96]

hi manu,
thank you for the observation, but it is just a simple short 'test page' (which is hided in the content file) and accesible from a -couple of- links, with not so relevant information, but not need it and not available for everybody.
I just tried to ask a simple solution for it, which Christoph -generously- resolve it.
I will check it periodically, and I will feed-back if I observe any 'strange issues'...
thanks.

[cmb]

Password cleartyped in the sourcecode?? This is an invitation.

Certainly, that is bad. However, it is the same with classic CMSimple (cleartext password in config.php).

Anyhow, I'm more concerned that the password is propagated via the URL, so it could inadvertently be posted somewhere else or maybe bookmarked. A solution similar to CMSimple's JavaScript login would be a bit better, but that requires more code, and it is still not really safe.

[stargazer96]

hi Christoph,
thanks for the reply, I will not use it then, try to do something else, perhaps just hide the page as h3 title, and gave the link only to related persons.
thank you again for all of you for the observations and for the help.