basic authorization script to protect pages like administration, upload etc. put this code at the beginning of the page you want to protect.

basic authorization” makes use of the built-in PHP functions header( ).

01 <?php
02 
03 // the name of the section you want to protect
04 $site_section = 'phparadise secure demo section';
05  
06 // the desired username / password
07 $user = 'siteuser';
08 $password = 'tester';
09  
10 $isauthorized = 0;
11  
12 // check if not authorized already
13 if(!isset($_SERVER['PHP_AUTH_USER']))
14 {
15     // if not authorized, show authentication dialog box
16     header('WWW-Authenticate: Basic realm="'.$site_section.'"');
17     header('HTTP/1.0 401 Unauthorized');
18     $statusmessage = '<p>Authorization Required.</p>';
19 }else{
20     // if user or password is wrong
21     if(($_SERVER['PHP_AUTH_USER'] != $user) || ($_SERVER['PHP_AUTH_PW'] != $password))
22     {
23         // show authentication dialog box again
24         header('WWW-Authenticate: Basic realm="'.$site_section.'"');
25         header('HTTP/1.0 401 Unauthorized');
26         $statusmessage = '<p>Authorization Required.</p>';
27     }else{
28         // if user and password match
29         $statusmessage = '
30         <p style="font-weight: bold;">welcome '.$user.'!</p>
31         <p>you now have access to '.$site_section.'</p>';
32         $isauthorized = 1;
33     }
34 }
35  
36 if($isauthorized == 1)
37 {
38     // set session or cookie to keep authorization for other pages
39 
40     // print status if you want
41     // echo $statusmessage;
42 
43     // put your secured page content here
44 
45 }else{
46  
47     // print status if you want
48     // echo $statusmessage;
49 
50     // exit if you want to block the whole page
51     // exit();
52 
53     // put your normal page content here
54 }
55  
56  
57 ?>