Keep visitors (and Google) away when you are building your website

If you are developing your new website you (or your customer) will need to check how things look every now and then.
Using this solution you can only browse the website after a password is succefully posted.

To do this we will need to upload an extra file to the template directory, and add one line of code to the top of your template.

The added file will present the visitor with a neutral white screen and a password request.
If the password is sent and it was the correct password a session variable will be set so the visitor can stay browsing until he closes his browser.

The password is stored in plain text in the file making it easy for you to change to any password/pincode you like.

If there is no valid password seen the password prompt is shown and all further WebsiteBaker output is stopped.

The script

Checking for a password or session variable:

<?php
if(isset($_SESSION['l'])) return true;
if(isset($_POST['pass'])) {
    $password = $_POST['pass'];
    if($password == 'mysecretpassword') {
        $_SESSION['l'] = true;
        return true;
    }
}
ob_end_clean();
?>

If these checks fail we will need to present the visitor with a password request.

<!DOCTYPE html>
<html>
<head>
<meta http-equiv='Content-Type' content='text/html; charset=utf-8'/>
<title>Login</title>
<style>
	* { margin: 0; }
	body{ background: #fff;}
	.box { text-align: center; font:16px verdana; width:345px; margin: 150px auto 0;}
</style>
</head>
<body>
<div class="box">
	<form id='login' method='post' accept-charset='UTF-8'>
	<input style="padding: 10px" type='password' name='pass' id='pass' maxlength="50" />
	<input style="padding: 8px" type='submit' name='Submit' value='Login' />
	</form>
</div>
<script>document.getElementById("pass").focus();</script>
</body>
</html>

and finally, stop executing php so the website cannot be seen.

<?php exit(); ?>

Your template

In the active template we now can include our login script. On the very first line of the index.php we will need to add:

<?php include(dirname(__FILE__).'/frontendlogin.php'); ?>

Save the modified index.php and nobody can look at your website unless you give the the password.

Download the script

This article is tagged with:
Templates PHP Tricks

Related articles

Using multiple columns dynamically in a template

Sometimes you want to use more than one column in a template, but not on all pages.
This article will explain how to do this.

Read the full article

Comments on this article - Note: comments will be reviewd by a moderator before publishing!

Frank
May 25, 2015 - 15:23:14

Hi Ruud, i use

if(is_file(dirname(__FILE__).'/frontendlogin.php')){
include(dirname(__FILE__).'/frontendlogin.php');
}

The user only have to rename the frontendlogin.php to deactivate it.
Easier as commenting out in index.php i think.

Regards

Frank plugins.onkel-franky.de
Sep 07, 2014 - 23:12:15

Feine Sache. Danke dafür!

Nick
Aug 31, 2014 - 11:57:30

This is very handy. I always use htaccess to allow from IP which is a pain as dynamic IP changes. Thanks for the little script will use it each time I'm designing a new clients site.

Roland
Jul 23, 2014 - 10:23:18

Works great!

Thank you for sharing.

Add your comment

Your name:
Email address:
Website:
Your comment: