LinkBack URL
About LinkBacks
Reply With Quoteummm.. Toon, you give me sh*t about writing 2 page tutorials that directly relate to questions that people actually ask here. Hmmmmph, I better not hear another peep from you on that, brother
I conformed to popular demand and did a version 1.2 of my login script. Its new features include md5 encryption and the use of a database instead of variables stored in the script.
Advanced Mysql / PHP database backed login script at Pryde Design
Anyway hope it helps digg // subscribe if you liked it as usual and yeah ehmm thats about it lol.
Hope you like it
- Andrew
ummm.. Toon, you give me sh*t about writing 2 page tutorials that directly relate to questions that people actually ask here. Hmmmmph, I better not hear another peep from you on that, brother
Yeah but linking to them from here is too easy, it will never make your site popular you both have to realize the web is full of the same tutorials, what makes yours and your site better than the rest?
It looks to me, like you have laid your self wide open to an SQL injection attack. I would suggest you rethink your approach.
Were do you suggest that there is sql injection? There is only one query and that has addslashes on the only user inputed variable.
Last edited by prydie; 28-03-2008 at 04:20 PM.
I'm sorry , but the addslashes class doesn't afford you any protection against SQL injection attacks. You have to detect malicious user input pro-actively using advanced error rejection exception techniques, or regular expression string rejection constructs.Originally Posted by prydie
I advocate high security coding but I was trying to write a simple script for beginners to learn from. I suppose mysql_real_escape_string() could have been used but add slashes gives us the security we need here. I can't see any way to inject it but you are welcome to try. I will send it across to one of my mates in the security field and see what they think but I am confident that there is no means of exploiting the script.
Last edited by prydie; 28-03-2008 at 10:47 PM.
any chance of seeing your version with the member registration bro?
I will be posting it soon. I have got registration going but need to make sure that its all working properly and is totally secure.
Thanks for the interest
I will post a thread about version 1.3 when I release it.
- Andrew
Posting Permissions
Check the forum often for the latest design announcements. Everything from graphic design and web design, to films and music. Estetica is a great place for people to get together and help each other out.
Bookmarks