xhtml and security without server side scripting

[securobo2]

I am happy with html/xhtml I have created some pages that I will maintain manually (updates, revisions and etc.). I have some questions.1. Is there a way to keep these pages on the server and only allow those that have login, passwords and specific rights to specific pages to access them?2. Is this possible without a server side scripting language?3. IF it is not possible, what would be the simplest way to create a password user system with rights using PHP. How would this be used to serve the xhtml pages. That's a broad question so please fill free to add a link to resources or other threads if possible. However, please note that I am not looking for a CMS (Content Management System). So the simplest scripts with MySQL would be the best.4. Does anyone have some ideas and solutions that I might not have thought of for serving pages with a login system. The above is most of what I could come up with. Any idea or solution is welcome. Especially example websites and so on.

[chibineku]

You can create password protection on certain pages or directories using Apache's .htaccess file. First, you have to find out if your server is Apache. If it is, then here is a handy tutorial.Doing it with a server side language is more complicated, but it gives nicer results if you only want to restrict access to portions of web pages instead of entire pages or directories. It's a lot more complex, so I'll let you look at that tutorial to see if it fits your needs first.

[securobo2]

Thank you for that. It's the most helpful link. It's exactly what I needed.You mentioned you have an example for server side scripting that is more complex. If you can post the info, it would be great. I might be interested trying something with more features and control.

[boen_robot]

Making a login system with PHP is usually a combination of using PHP sessions (for the purpose of maintaining you logged in), MySQL selection (to get the required username and password), capturing and comparing POST data (to see if the inputted username and password match the required ones), MySQL insertion (to add new usernames and password to the possible ones, and maybe a few more things in case you want to make the login system secure enough.This post offers an example of a login system, but it's not to be copy&pasted blindly. See all notes (do not skip a word!), try each step separately, and only move on if it works (reread and retry if it doesn't, and ask if it still fails).