include 'cookie_check.php'; ?>
Member Admin Area
Create a new member login - http://www.otva.com/member_registration.php
Delete an existing member login - http://www.otva.com/member_delete.php
Update an existing member expiry date - http://www.otva.com/member_status_update.php
List all usernames in the database - http://www.otva.com/memer_listall.php
Web page security description.
Following is a brief description of how pages on this web site can
be restricted to viewing only by registered members of the association.
By using PHP scripts together with a MySQL databse a reasonable
level of security has been implemented on this web site. The My
SQL database (called "users") on the web site stores the
user names and encrypted passwords for all registered members. All
the web files files with a file extension of PHP with the instruction
<? include 'member_auth.php'; ?> in the first line of code
are secured by the password system. In fact all the PHP security
scripts have this line inserted so only a regisered user can view
and use these scripts. Following is a list of the scripts in the
security system and their use:
- "member_admin.php" - This page you are reading now.
It also has links to pages to add and delete logins.
- "member_auth.php" - This script looks on the members
computer for a cookie created when they login. If the cookie exists
the member is allowed to view the page, if the cookie is missing
they are redirected to the error page - "member_notloggedon.html".
- "member_bibi.php" - displayed when members logout
- "member_delete.php" - deletes a login from the database.
- "member_logon.html" - this pages displays a form for
the member to enter their username and password and then calls
"member_logon.php" to validate the login.
- "member_logon.php" - validates the username and password
at member login. The script checks the entered login information
with the username and password stored in the database, if they
match a cookie is created on the member's computer and the script
- "member_logout.php" - runs when members click on "logout'
on the web site menu. The script modifies the time in the cookie
to the past so the cookie on the member's computer is destroyed.
- "member_notloggedon.html" - displays a warning when
accessing secure pages without first logging in.
- "member_ok.html" - displays a message when members
log in ok.
- "member_registration.php"- script to register new
logins. Adds new usernames and encrypted passwords to the database.
- "member_status_update.php" - script to update the
member "expiry date" field in the member database. This
field is checked during the logon process and will advise members
at logon if they are unfinancial.
- "member_unfinancial_login_ok.html" - shown at successful
logon if the member is unfinancial.
All the PHP scripts are quite well commented internally to explain
their operation. To password protect an existing HTML page simply
edit the HTML page and insert the code <? include 'member_auth.php';
?> into the first line, then save the document with a PHP file
extension and delete the old HTML file. To unprotect a document
reverse this procedure.