mafunk
12-13-2003, 02:10 AM
Hi,
My client would like me to create a secure download page on his site that is password protected. He wants his IT guy to be able to change the password on a regular basis. He wants total control over the clients ability to access this stuff.
Here is his idea on how to approach it:
He wants to be able to send an email to his clients that has a link that directs the clients to this password protected area. However, he wants it such that when the client clicks on the link he gains access to the area without having to type in a password. (in otherwords the password in embedded in the email). However, if someone goes directly to the site, not throuhg my client's email, that person could not gain access without typing in the proper username and password. I think he wants to do this because that way he is never actually giving anyone the actual password.
I looked around the net and can't seem to find a script to do what I mentioned above. My client is insistent that I do it. I told him that it wouldn't be very secure, and he said, "I don't see how it will be any less secure. . . This doesn't have to be Fort Nox. . . I just don't want it available to the general public." I'm not knowledgeable enough to explain to him why I think its a bad idea. I tried to reccomend some options that I thought were more appropriate, but he wouldn't go for it.
I know how to password protect files and areas, but I don't know how to password protect a file, then to send someone a link to that file in email such that the person clicking on the link can access the file without typing in a password. Can anyone help me? I can't find the answer on the net,. .
He wants a password protected area, with one global password that can be easily changed every month,. He wants to be able to email clients instant access to this protected area without actually giving them a password. One person suggested doing a "hasH' on the password in the email link. But I'm still not sure how to do that to achieve my goal. Any one know of a tutorial page? Another person said that I should use cookies, but I don't see how that would work since the goal is that the user will never actually type the password themselves. Any suggestions?
My client would like me to create a secure download page on his site that is password protected. He wants his IT guy to be able to change the password on a regular basis. He wants total control over the clients ability to access this stuff.
Here is his idea on how to approach it:
He wants to be able to send an email to his clients that has a link that directs the clients to this password protected area. However, he wants it such that when the client clicks on the link he gains access to the area without having to type in a password. (in otherwords the password in embedded in the email). However, if someone goes directly to the site, not throuhg my client's email, that person could not gain access without typing in the proper username and password. I think he wants to do this because that way he is never actually giving anyone the actual password.
I looked around the net and can't seem to find a script to do what I mentioned above. My client is insistent that I do it. I told him that it wouldn't be very secure, and he said, "I don't see how it will be any less secure. . . This doesn't have to be Fort Nox. . . I just don't want it available to the general public." I'm not knowledgeable enough to explain to him why I think its a bad idea. I tried to reccomend some options that I thought were more appropriate, but he wouldn't go for it.
I know how to password protect files and areas, but I don't know how to password protect a file, then to send someone a link to that file in email such that the person clicking on the link can access the file without typing in a password. Can anyone help me? I can't find the answer on the net,. .
He wants a password protected area, with one global password that can be easily changed every month,. He wants to be able to email clients instant access to this protected area without actually giving them a password. One person suggested doing a "hasH' on the password in the email link. But I'm still not sure how to do that to achieve my goal. Any one know of a tutorial page? Another person said that I should use cookies, but I don't see how that would work since the goal is that the user will never actually type the password themselves. Any suggestions?