Mailit, LLC a écrit :
$userName = $_POST[userName];
$passw= $_POST[passw];
(...)
$cmd = SELECT * FROM theTable
. WHERE userName='$userName' ;
$res = mysql_query( $cmd ) or die( Password search failed. );
Without validating userName in $_POST, that code is vulnerable
to
---BeginMessage---
Here is the setup that I have used.
Please, adapt to your needs.
Table 'theTable' is supposed to contain columns fname, mname, lname
and ePass (encrypted password). The crypt() function produces a password
that
cannot be decrypted and really works well.
Of course, you need to
I am experimenting on my site and I want to make it password protected like
www.realsolution.com.
If any one enters correct user name and password, only then they will be
able to enter into my site.
How can I do that in PHP?
Any ideas? Thanks a ton in advance.
--
PHP General Mailing List
On Wed, 2005-02-16 at 21:31, Kevin Javia wrote:
I am experimenting on my site and I want to make it password protected like
www.realsolution.com.
If any one enters correct user name and password, only then they will be
able to enter into my site.
How can I do that in PHP?
Any ideas?
Kevin Javia wrote:
I am experimenting on my site and I want to make it password protected like
www.realsolution.com.
http://www.zend.com/zend/tut/authentication.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Kevin,
I'm having some issues with my email client right now so I'm sorry if
you've already found the answer. There is a way for PHP to do this
without the need to modify your web server's configuration or bothering
with .htaccess/ .htpasswd files by simply modifying the http headers
that your
Greetings,
I'm working on a project that involves a password protected area of a
website. Some one also involved brought up the point that this area should
be secure (Whit the lock icon indicating it is encrypted).
In this particular project the password protected area will be a quote
generating
.
Do a seach on Google for 'SSL' and start reading :)
- James
-Original Message-
From: Bill Rausch [mailto:[EMAIL PROTECTED]]
Sent: January 25, 2001 4:54 PM
To: [EMAIL PROTECTED]
Subject: [PHP] password protection
Hi all,
This isn't strictly a PHP issue but is quite related
8 matches
Mail list logo