Advanced PHP Protection

Advanced PHP Protection


Key Features:

  • Works with any .php file.
  • Custom password and brute force warning pages.
  • Well documented functions.
  • Can easily be integrated into a database set up with multiple users.
  • Single line mode, protect any page by simply including the file.
  • Passwords can be set as either a md5 of sha1 hash or plain text if you prefer.
  • Server side brute force protection, with options to change the maximum number of attempts and the block duration.
  • No database or installation required.
  • Email support provided.
  • Light weight.

NOTE: The session is used to store the username and password so you dont have to login again when the page is reloaded. The variables $_SESSION[‘username’] and $_SESSION[‘password’] are used by default, if you need to use these in the script being protected you can set custom names using the custom_session_keys() function, see documentation for more information.

Example Useage:
Standard Mode

$pass = new secure;

// Set the username and password, in this case as a sha1 hash
$pass->set_credentials('admin', '5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8');
// set the hash type
// set some custom session keys
$pass->custom_session_keys('name', 'pass');
// enable brute force protection, disabled as default.
// set a custom page for the user to be sent to if the password it entered incorrectly.
// finally apply protection to the page.

echo 'protected content here.';

Single Line Mode

echo 'protected content here.'


Example of the login page included
Username: admin
Password: lemon

NOTE: this script will only work if you have PHP version greater than 5.1. I have had a few emails from people complaining of a blank page who were using PHP4. You can check you version by using the following code.

<?php echo phpversion(); ?>

I don’t want anyone to waste their money.

If there are any problems with this item, the best place to ask is in the forum as I check that at least once a day.


Author Image