Search found 6 matches

by DevonL
Tue Feb 14, 2012 11:08 pm
Forum: PHP - Code
Topic: Why isn't this login working?
Replies: 10
Views: 2559

Re: Why isn't this login working?

Yeah I echoed the variables and they are indeed returning properly. I read up more on the PHP manual in regard to crypt() and am reading Mordred's post now as well. I should be able to get it running, the last time I did this md5() was the chosen way to encrypt passwords!

I appreciate the help/link.
by DevonL
Mon Feb 13, 2012 9:46 am
Forum: PHP - Code
Topic: Why isn't this login working?
Replies: 10
Views: 2559

Re: Why isn't this login working?

Also I don't even see where you define $PHP_AUTH_PW, $PHP_AUTH_USER or $password. If they are session data, you have to read them from the $_SESSION array. ...I have made some modifications to it now to make it more secure. Definitely. Now no one can get in. Sorry, bad joke. I ended up changing the...
by DevonL
Sun Feb 12, 2012 7:44 pm
Forum: PHP - Code
Topic: Why isn't this login working?
Replies: 10
Views: 2559

Re: Why isn't this login working?

No, that's the entire script, the connection to MySQL is made in the config file. I'll give a try echoing to see what the variables are outputting. Also, mysql_error() is included already, not returning anything. This is a script that worked with an older version of PHP, but I have made some modific...
by DevonL
Sun Feb 12, 2012 5:23 pm
Forum: PHP - Code
Topic: Why isn't this login working?
Replies: 10
Views: 2559

Why isn't this login working?

<?php // Start session session_start(); // Include database connection details include "config.php"; include "functions.php"; // Validation error flag $errflag = false; // Strip the POST values of any potential SQL injections $username = mysql_real_escape_string($_POST['username...
by DevonL
Sun Feb 12, 2012 4:44 pm
Forum: PHP - Security
Topic: Please critique this login script!
Replies: 5
Views: 7165

Re: Please critique this login script!

I'll definitely search for using other hash functions. That was indeed supposed to be mysql_escale_string() as opposed to strings - a typo when I was tired, thanks for pointing that out though. I'll definitely read up session_regenerated_id(); - I haven't worked with PHP in some years, so things hav...
by DevonL
Sat Feb 11, 2012 6:16 pm
Forum: PHP - Security
Topic: Please critique this login script!
Replies: 5
Views: 7165

Please critique this login script!

<? include "config.php"; include "functions.php"; session_start(); $t = time()+3600; $datetime = date("Y-m-d H:i:s", $t); $ip_address = $_SERVER['REMOTE_ADDR']; if (!$PHP_AUTH_USER) { header('WWW-Authenticate: Basic realm="Control Panel"'); } else { $password...