Yeah I echoed the variables and they are indeed returning properly. I read up more on the PHP manual in regard to crypt() and am reading Mordred's post now as well. I should be able to get it running, the last time I did this md5() was the chosen way to encrypt passwords!
I appreciate the help/link.
Search found 6 matches
- Tue Feb 14, 2012 11:08 pm
- Forum: PHP - Code
- Topic: Why isn't this login working?
- Replies: 10
- Views: 2559
- Mon Feb 13, 2012 9:46 am
- Forum: PHP - Code
- Topic: Why isn't this login working?
- Replies: 10
- Views: 2559
Re: Why isn't this login working?
Also I don't even see where you define $PHP_AUTH_PW, $PHP_AUTH_USER or $password. If they are session data, you have to read them from the $_SESSION array. ...I have made some modifications to it now to make it more secure. Definitely. Now no one can get in. Sorry, bad joke. I ended up changing the...
- Sun Feb 12, 2012 7:44 pm
- Forum: PHP - Code
- Topic: Why isn't this login working?
- Replies: 10
- Views: 2559
Re: Why isn't this login working?
No, that's the entire script, the connection to MySQL is made in the config file. I'll give a try echoing to see what the variables are outputting. Also, mysql_error() is included already, not returning anything. This is a script that worked with an older version of PHP, but I have made some modific...
- Sun Feb 12, 2012 5:23 pm
- Forum: PHP - Code
- Topic: Why isn't this login working?
- Replies: 10
- Views: 2559
Why isn't this login working?
<?php // Start session session_start(); // Include database connection details include "config.php"; include "functions.php"; // Validation error flag $errflag = false; // Strip the POST values of any potential SQL injections $username = mysql_real_escape_string($_POST['username...
- Sun Feb 12, 2012 4:44 pm
- Forum: PHP - Security
- Topic: Please critique this login script!
- Replies: 5
- Views: 7165
Re: Please critique this login script!
I'll definitely search for using other hash functions. That was indeed supposed to be mysql_escale_string() as opposed to strings - a typo when I was tired, thanks for pointing that out though. I'll definitely read up session_regenerated_id(); - I haven't worked with PHP in some years, so things hav...
- Sat Feb 11, 2012 6:16 pm
- Forum: PHP - Security
- Topic: Please critique this login script!
- Replies: 5
- Views: 7165
Please critique this login script!
<? include "config.php"; include "functions.php"; session_start(); $t = time()+3600; $datetime = date("Y-m-d H:i:s", $t); $ip_address = $_SERVER['REMOTE_ADDR']; if (!$PHP_AUTH_USER) { header('WWW-Authenticate: Basic realm="Control Panel"'); } else { $password...