Graphic Design Forum and Web Design Forum

  #1 (permalink)  
Old 27-03-2008, 09:21 PM
prydie's Avatar
Member
 
Join Date: Mar 2008
Posts: 64
Advanced Mysql / PHP database backed login script

I conformed to popular demand and did a version 1.2 of my login script. Its new features include md5 encryption and the use of a database instead of variables stored in the script.

Advanced Mysql / PHP database backed login script at Pryde Design

Anyway, hope it helps. Digg // subscribe if you liked it as usual, and yeah, ehmm, that's about it lol.

Hope you like it

- Andrew
____________________________

Site: http://pryde-design.co.uk
Blog: http://blog.pryde-design.co.uk - subscribe (pls)

  #2 (permalink)  
Old 27-03-2008, 09:26 PM
tommylogic's Avatar
f*ck yeah it validates!!!
 
Join Date: Apr 2007
Location: Virtually Everywhere
Gender: Male
Posts: 6,318

ummm.. Toon, you give me sh*t about writing 2 page tutorials that directly relate to questions that people actually ask here. Hmmmmph, I better not hear another peep from you on that, brother
  #3 (permalink)  
Old 28-03-2008, 11:52 AM
Toon's Avatar
Netvibes is an Addiction™
 
Join Date: Jan 2007
Location: Sheffield, UK
Gender: Male
Posts: 22,371

Yeah, but linking to them from here is too easy; it will never make your site popular. You both have to realize the web is full of the same tutorials. What makes yours and your site better than the rest?
  #4 (permalink)  
Old 28-03-2008, 12:15 PM
Arkady's Avatar
Dalek Lover
 
Join Date: Apr 2007
Location: Glasgow
Gender: Male
Posts: 2,608

It looks to me like you have laid yourself wide open to an SQL injection attack. I would suggest you rethink your approach.
  #5 (permalink)  
Old 28-03-2008, 03:03 PM
prydie's Avatar
Member
 
Join Date: Mar 2008
Posts: 64

Where do you suggest that there is SQL injection? There is only one query and that has addslashes on the only user-inputted variable.
____________________________

Site: http://pryde-design.co.uk
Blog: http://blog.pryde-design.co.uk - subscribe (pls)

Last edited by prydie; 28-03-2008 at 03:20 PM.
  #6 (permalink)  
Old 28-03-2008, 08:44 PM
Arkady's Avatar
Dalek Lover
 
Join Date: Apr 2007
Location: Glasgow
Gender: Male
Posts: 2,608

Quote:
Originally Posted by prydie
Where do you suggest that there is SQL injection? There is only one query and that has addslashes on the only user-inputted variable.
I'm sorry, but the addslashes class doesn't afford you any protection against SQL injection attacks. You have to detect malicious user input pro-actively using advanced error rejection exception techniques, or regular expression string rejection constructs.
  #7 (permalink)  
Old 28-03-2008, 09:24 PM
prydie's Avatar
Member
 
Join Date: Mar 2008
Posts: 64

I advocate high security coding but I was trying to write a simple script for beginners to learn from. I suppose mysql_real_escape_string() could have been used but add slashes gives us the security we need here. I can't see any way to inject it but you are welcome to try. I will send it across to one of my mates in the security field and see what they think but I am confident that there is no means of exploiting the script.
____________________________

Site: http://pryde-design.co.uk
Blog: http://blog.pryde-design.co.uk - subscribe (pls)

Last edited by prydie; 28-03-2008 at 09:47 PM.
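
For the escaping question debated above, an added example (not prydie's script and not code from this thread): a login check that binds the username as a prepared-statement parameter through PDO, so no escaping function is involved, and stores passwords with password_hash() instead of md5. The users table, its columns and the function names are hypothetical, and in-memory SQLite stands in for MySQL so it runs offline.

```php
<?php
// Added example; the table, columns and function names are hypothetical.
// In-memory SQLite stands in for MySQL so this runs offline. With MySQL only
// the DSN changes; there, also set PDO::ATTR_EMULATE_PREPARES to false so the
// driver uses server-side prepared statements.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (username TEXT PRIMARY KEY, password_hash TEXT NOT NULL)');

// Hash verified when the username is unknown, so both paths do similar work.
define('DUMMY_HASH', password_hash('unused', PASSWORD_DEFAULT));

function register_user(PDO $pdo, string $username, string $password): void
{
    // password_hash() salts and stretches the password; a bare md5() does neither.
    $stmt = $pdo->prepare('INSERT INTO users (username, password_hash) VALUES (:u, :h)');
    $stmt->execute([':u' => $username, ':h' => password_hash($password, PASSWORD_DEFAULT)]);
}

function check_login(PDO $pdo, string $username, string $password): bool
{
    // The username travels as a bound parameter and is never spliced into the
    // SQL text, so quotes or backslashes in it cannot alter the query.
    $stmt = $pdo->prepare('SELECT password_hash FROM users WHERE username = :u');
    $stmt->execute([':u' => $username]);
    $hash = $stmt->fetchColumn();

    if ($hash === false) {
        password_verify($password, DUMMY_HASH);
        return false;
    }
    return password_verify($password, $hash);
}

// Constructed sample data: a legitimate name containing a quote, then input
// full of SQL metacharacters that matches no account.
register_user($pdo, "o'brien", 'correct horse');
var_dump(check_login($pdo, "o'brien", 'correct horse'));
var_dump(check_login($pdo, "o'brien", 'wrong password'));
var_dump(check_login($pdo, "nobody' \\ \"x", 'correct horse'));
```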
  #8 (permalink)  
Old 31-03-2008, 01:08 PM
Acuity's Avatar
Knows Your Body Better Than You Do
 
Join Date: Feb 2008
Location: London
Gender: Male
Posts: 1,247

Any chance of seeing your version with the member registration, bro?
  #9 (permalink)  
Old 31-03-2008, 04:01 PM
prydie's Avatar
Member
 
Join Date: Mar 2008
Posts: 64

I will be posting it soon. I have got registration going but need to make sure that it's all working properly and is totally secure.

Thanks for the interest

I will post a thread about version 1.3 when I release it.

- Andrew
____________________________

Site: http://pryde-design.co.uk
Blog: http://blog.pryde-design.co.uk - subscribe (pls)