Tyka95 Posted October 8, 2015 Share Posted October 8, 2015 (edited) My code: <!DOCTYPE html> <html> <head> <title></title> </head> <body> <?php if (!isset($_REQUEST['start'])) { ?> <form action="<?php $_SERVER['SCRIPT_NAME']?>" method="post"> <p><label> Login: <input name="login" type="text" size="15" /></label></p> <p><label>Password: <input type="password" name="parola"></label></p> <p><label>Emailul dvs:<input type="email" name="email"></label></p> <p><label>Lasati mai jos mesajul dvoastra: <br /> <textarea name="mesaj" cols="50" rows="6" placeholder="Scrieti aici ceva..."></textarea></label></p> <p><input type="reset" value="Anuleaza" /> <input type="submit" value="Transmite" name="start" /></p> </form> <?php } else { if (isset($_POST['login'])) $log=$_POST['login']; if (isset($_POST['mesaj'])) $mesaj=$_POST['mesaj']; if(isset($_POST['parola'])) $pass=$_POST['parola']; if(isset($_POST['email'])) $mail=$_POST['email']; $file=fopen('Homework.txt', "a+") or die ("Fisier inaccesibil!"); fwrite($file, $log); fwrite($file, " "); fwrite($file, $pass); fwrite($file, " "); fwrite($file, $mail); fwrite($file, " "); fwrite($file, $mesaj); fwrite($file, "\n"); fclose($file); echo 'Datele au fost salvate! Iata ce este in fisier: <br />'; $file=fopen("Homework.txt", "r") or die ("Fisier inaccesibil!"); while (!feof($file)) { echo fgets($file). "<br /><br /><br />"; } fclose($file); } ?> </body> </html> I just want the result looking like that:|Login | Password | Mail | Message ||John | Doe | johndoe@mail.com | Just a little text here. | Edited October 8, 2015 by Tyka95 Quote Link to comment Share on other sites More sharing options...
ginerjm Posted October 8, 2015 Share Posted October 8, 2015 So - where is your attempt at getting to your goal? You wrote all the php code (which you really need to post properly next time) but you didn't write the easy part. Quote Link to comment Share on other sites More sharing options...
Tyka95 Posted October 8, 2015 Author Share Posted October 8, 2015 (edited) I work on it.. I read and follow some tutorials... But something goes wrong Edited October 8, 2015 by Tyka95 Quote Link to comment Share on other sites More sharing options...
ginerjm Posted October 8, 2015 Share Posted October 8, 2015 If you did all this, WHERE IS THE CODE? Quote Link to comment Share on other sites More sharing options...
QuickOldCar Posted October 8, 2015 Share Posted October 8, 2015 (edited) You should look into saving this into a database using mysqli or pdo It's not safe to store passwords like this, all passwords should never be saved as plain text anywhere, use password_hash and password_verify Here is something for you anyway. <?php //default defines $errors = array(); $filename = "Homework.txt"; $log = ''; $pass = ''; $email = ''; $mesaj = ''; //check if form submitted if (isset($_POST['start'])) { //check each POST value and not blank, else create an error if (isset($_POST['login']) && trim($_POST['login']) != '') { $log = $_POST['login']; } else { $errors[] = "login"; } if (isset($_POST['parola']) && trim($_POST['parola']) != '') { $pass = $_POST['parola']; } else { $errors[] = "parola"; } if (isset($_POST['email']) && trim($_POST['email']) != '') { $email = $_POST['email']; } else { $errors[] = "email"; } if (isset($_POST['mesaj']) && trim($_POST['mesaj']) != '') { $mesaj = $_POST['mesaj']; } else { $errors[] = "mesaj"; } //if no errors proceed if (empty($errors)) { //check for file if (is_file($filename)) { //open file for appending $file = fopen($filename, 'a+'); //remove submit from post array unset($_POST['start']); //post array into a string $string = implode("||",$_POST); //add file breaks $string .= "\r\n"; //write to file fwrite($file, $string); //close file fclose($file); //show message was added echo 'Datele au fost salvate! Iata ce este in fisier: <br />'; } else { //file doesn't exist echo "$filename inaccesibil!"; } } else { //there was an error in form $error_msg = "<p style='color:red;'>You have these errors: " . implode(", ", $errors) . "</p>"; } } ?> <!DOCTYPE html> <html> <head> <title>Form Data</title> </head> <style> table { border-collapse: collapse; width: 100%; } th, td { padding: 0.25rem; text-align: left; border: 1px solid #ccc; } </style> <body> <?php //show errors if exist if ($error_msg) { echo $error_msg; } ?> <form action="" method="post"> <p><label> Login: <input name="login" type="text" size="15" value="<?php echo $log;?>" ></label></p> <p><label>Password: <input type="password" name="parola" value="<?php echo $pass;?>" ></label></p> <p><label>Emailul dvs:<input type="email" name="email" value="<?php echo $email;?>" ></label></p> <p><label>Lasati mai jos mesajul dvoastra: <br /> <textarea name="mesaj" cols="50" rows="6" ><?php echo $mesaj;?></textarea></label></p> <p><input type="reset" value="Anuleaza" /> <input type="submit" value="Transmite" name="start" /></p> </form> <?php //check if file exists if (is_file($filename)) { //get file $file = file($filename); //start numbering $number = 1; echo "<table>"; echo "<tr><th>Number</th><th>Login</th><th>Password</th><th>Email</th><th>Message</th>"; //loop through all lines in file foreach ($file as $line) { //explode each line by it's delimiter $data = explode("||", trim($line)); //add them to table echo "<tr><td>" . $number . "</td><td>" . $data[0] . "</td><td>" . $data[1] . "</td><td>" . $data[2] . "</td><td>" . $data[3] . "</td></tr>"; $number++; } echo "</tr></table>"; } else { //file doesn't exist echo "$filename inaccesibil!"; } ?> </body> </html> Edited October 9, 2015 by QuickOldCar Quote Link to comment Share on other sites More sharing options...
benanamen Posted October 9, 2015 Share Posted October 9, 2015 use password_hashand password_verify While that is good and sound advice, it should also be pointed out that those functions require Php version >=5.5.0 Many web hosts are only running versions 5.3.x or 5.4.x if the are even that current. Quote Link to comment Share on other sites More sharing options...
Jacques1 Posted October 9, 2015 Share Posted October 9, 2015 The password_compat library will emulate the functions in legacy PHP versions down to PHP 5.3.7. All previous versions have a defect in the core bcrypt implementation and cannot be used securely. Quote Link to comment Share on other sites More sharing options...
QuickOldCar Posted October 9, 2015 Share Posted October 9, 2015 I agree, but when php7 is released a lot of these hosts better upgrade or will not have many customers. What do you think of this function? function salted_password($value) { if (!$value) { return false; } $salt = mcrypt_create_iv(22, MCRYPT_RAND); $salt = base64_encode($salt); $salt = str_replace('+', '.', $salt); return crypt($value, '$2y$10$' . $salt . '$'); } Quote Link to comment Share on other sites More sharing options...
Jacques1 Posted October 9, 2015 Share Posted October 9, 2015 (edited) Not much. MCRYPT_RAND doesn't provide secure random numbers. It's the equivalent of rand(), so it's a primitive time-based pseudo-random number generator which is susceptible to collisions or even precomputation. The salt length is incorrect. bcrypt expects 128 bits (or 16 bytes). The salt encoding of bcrypt is very different from standard Base64, it's not enough to replace “+” with “.”. Using base64_encode() will yield “impossible” salts, and the only reason why this works at all is because the current bcrypt implementation has an error correction procedure. I wouldn't rely on that, though. The function fails to recognize errors, so it will happily return empty or broken hashes (PHP had several bugs in the bcrypt implementation). It doesn't even check if PHP actually used bcrypt and no fallback algorithm. The input length isn't checked. Everything above 56 bytes is outside of the bcrypt specifiction, and everything above 72 bytes will be truncated. The input isn't checked for null bytes. crypt() isn't binary-safe, so null bytes lead to truncation. There's no way to adjust the cost factor (which is the whole point of password hash algorithms). Using crypt() directly is really not a good idea. It's a terrible, hostile, bug-riddled function which needs tons of error checking to even make sense. Edited October 9, 2015 by Jacques1 Quote Link to comment Share on other sites More sharing options...
QuickOldCar Posted October 9, 2015 Share Posted October 9, 2015 Always like seeing your full explanations Jacques Quote Link to comment Share on other sites More sharing options...
Tyka95 Posted October 10, 2015 Author Share Posted October 10, 2015 (edited) Thank you so much guys... I just start to study PHP..I gonna try to do my best!! ginerjm, I just say that I'm learning some tutorials but i don't put that code in my code because Is fails, and i think I must read and find something different to understant the method.. .. Edited October 10, 2015 by Tyka95 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.