password problem
Moderator: General Moderators
password problem
hi all
just learning PHP week ago,anyone can enlighten me,what wrong the this coding which key in a correct password still showing wrong password.
many thkx
<html>
<head>
<title>PHP testing</title>
</head>
<body>
<?php
$loginpass = 'test';
if ($pw == $loginpass)
{
....do something
}
else
{
print("Error. That is not the correct password.\n");
}
?>
</body>
</html>
just learning PHP week ago,anyone can enlighten me,what wrong the this coding which key in a correct password still showing wrong password.
many thkx
<html>
<head>
<title>PHP testing</title>
</head>
<body>
<?php
$loginpass = 'test';
if ($pw == $loginpass)
{
....do something
}
else
{
print("Error. That is not the correct password.\n");
}
?>
</body>
</html>
-
d3ad1ysp0rk
- Forum Donator
- Posts: 1661
- Joined: Mon Oct 20, 2003 8:31 pm
- Location: Maine, USA
When you use a form there are 2 different ways to send the data, GET and POST.
GET will send the data straight through the URL and then on authenticate.php the URL will be like this:
authenticate.php?username=DuFF&password=fakepswd
If you use POST it will not pass the data through the URL and therefore is much harder to manipulate the form data.
On the page recieving the form, depending on which method you use, you need to use $_GET['username'] or $_POST['username']
Code: Select all
<form action="authenticate.php" method="POST">
OR
<form action="authenticate.php" method="GET">authenticate.php?username=DuFF&password=fakepswd
If you use POST it will not pass the data through the URL and therefore is much harder to manipulate the form data.
On the page recieving the form, depending on which method you use, you need to use $_GET['username'] or $_POST['username']
Just to point something out. You should not change te php.ini setting of register_globals to 'On' to solve the problem, but rather learn how to use $_POST / $_GET (as mentioned by fellow posters).crayon wrote:Thkx for everyone helping me,this my fault didn't read thru the documentation,that
php.ini register_globals need set it to "On".
pls accept my apologize.
register_globals are set to off for security reasons as default and should imho never be touched.
thkx for your advice,I just insert $_POST and set php.in off and it work.JAM wrote:Just to point something out. You should not change te php.ini setting of register_globals to 'On' to solve the problem, but rather learn how to use $_POST / $_GET (as mentioned by fellow posters).crayon wrote:Thkx for everyone helping me,this my fault didn't read thru the documentation,that
php.ini register_globals need set it to "On".
pls accept my apologize.
register_globals are set to off for security reasons as default and should imho never be touched.
many thkx for everyone.
so, GET reads data out of url's..DuFF wrote:When you use a form there are 2 different ways to send the data, GET and POST.GET will send the data straight through the URL and then on authenticate.php the URL will be like this:Code: Select all
<form action="authenticate.php" method="POST"> OR <form action="authenticate.php" method="GET">
authenticate.php?username=DuFF&password=fakepswd
If you use POST it will not pass the data through the URL and therefore is much harder to manipulate the form data.
On the page recieving the form, depending on which method you use, you need to use $_GET['username'] or $_POST['username']
and POST ... not ....