Search found 11 matches
- Mon Jan 10, 2011 4:11 pm
- Forum: Coding Critique
- Topic: How to better login script
- Replies: 24
- Views: 25326
Re: How to better login script
It depends, you are correct in saying that the password gets hashed and if additional code is included it will not match your existing password. The other part is that eliminate some additional characters from being used in a password (&, >, <). Better to be safe than sorry ;) Yeah i suppose, b...
- Mon Jan 10, 2011 12:25 pm
- Forum: Coding Critique
- Topic: How to better login script
- Replies: 24
- Views: 25326
Re: How to better login script
Ah yes, sorry about that. This fixed the issue and the script seems to work great. I have just two other minor comments/questions: 1) The first function sanitizes the value inputs and returns a "cleanvalue." Should this be done for the password since it is hashed anyways which eliminates t...
- Sun Jan 09, 2011 11:18 am
- Forum: Coding Critique
- Topic: How to better login script
- Replies: 24
- Views: 25326
Re: How to better login script
Thanks for your reply. Unfortunately the script does not seem to function after that I added those lines (when I click the register button a white screen is returned). Here are the register form (html file) and the checkregister.php files: <html> <body> <table width="300" border="0&qu...
- Sat Jan 08, 2011 10:03 am
- Forum: Coding Critique
- Topic: How to better login script
- Replies: 24
- Views: 25326
Re: How to better login script
Ok, I will need to read up further on defining your own functions, but I understand what this script aims to do. Unfortunately, I still have the same problem as stated previously. I had already changed the alphanum (as well as the checkusername --> checkUsername and checkpassword --> checkPassword) ...
- Fri Jan 07, 2011 7:19 pm
- Forum: Coding Critique
- Topic: How to better login script
- Replies: 24
- Views: 25326
Re: How to better login script
Ah it is far clearer what you were doing now. I sort of had your initial example stuck in my mind and wasn't sure if I should deviate from it and it led to a mess. Now the script that we have doesn't show the registration form (which is what I called for with the include('form.php') in my initial ex...
- Fri Jan 07, 2011 4:09 pm
- Forum: Coding Critique
- Topic: How to better login script
- Replies: 24
- Views: 25326
Re: How to better login script
I am a little bit unsure how I would incorporate an alternative to success query with the way I have set it up (i.e. I don't think I can just add another else statment, since the query already is the else statement). I'm suggestion you keep your variable checking and your query processing more sepe...
- Fri Jan 07, 2011 2:27 pm
- Forum: Coding Critique
- Topic: How to better login script
- Replies: 24
- Views: 25326
Re: How to better login script
Ah I see what you mean, Christopher. This improvement brought with it another little issue, however. The menu.php (where a successful login directs you) no longer shows the username in the Welcome phrase. <?php session_start(); if (!isset($_SESSION['login']['username'])) { echo "You must be <a ...
- Fri Jan 07, 2011 1:06 pm
- Forum: Coding Critique
- Topic: How to better login script
- Replies: 24
- Views: 25326
Re: How to better login script
Thank you for all the great suggestions. I have incorporated a sha512 hash (changed password in database to varchar 128), removed mysql_error()'s from the script (I only had these after I was debugging the script, and forgot to remove), and made it so that the form along with the error is returned s...
- Thu Jan 06, 2011 10:20 pm
- Forum: Coding Critique
- Topic: How to better login script
- Replies: 24
- Views: 25326
Re: How to better login script
Sorry about posting it in the wrong section! I have figured out a way to incorporate error messages. I have also removed functions that stripped the pw both here and in the checklogin.php file since it does not seem necessary when I turn it into a md5 hash. How does this look? Any other suggestions,...
- Thu Jan 06, 2011 7:45 pm
- Forum: Coding Critique
- Topic: How to better login script
- Replies: 24
- Views: 25326
Re: How to better login script
Thanks for the suggestion. I created the file database.php: <?php $host="localhost"; $usr="root"; $pwd="*****"; $db="***********"; $tbl_name="members"; mysql_connect($host, $usr, $pwd) or die(mysql_error()); mysql_select_db($db) or die(mysql_error())...
- Thu Jan 06, 2011 7:08 pm
- Forum: Coding Critique
- Topic: How to better login script
- Replies: 24
- Views: 25326
How to better login script
Hello everyone, I have just finished coding a logion/register/logout script. I am quite new to PHP (this was my first task to begin the learning process!). The scripts now work fine and gets the job done. It incorporates a database and has a number of checks in place. I know that the code is probabl...