Miggy64

Members
  • Posts

    9
  • Joined

  • Last visited

About Miggy64

  • Birthday 08/28/1964

Profile Information

  • Gender
    Male
  • Location
    Livonia, MI

Miggy64's Achievements

Newbie

Newbie (1/5)

0

Reputation

  1. This is what I did when I started out having a login system with passwords: I stated to my users in an introduction paragraph that if you plan on registering, don't use a password that you use for other websites (especially banking). If possible, also use a different email address when registering on my website. I also give this advice to friends that I have on Facebook, to use a password and email address that you don't use for other websites. If a person has a hard time remembering passwords, there are applications that manage your passwords for you, so you don't have to remember them. Just thought I would throw that out, but Jacques1 has very good advice and strong advice.
  2. That only happens every 4 years if you're being that exact, but I can't think of anything that needs to be that exact.
  3. Too bad you can't mark more than one as best answer, for there were a lot of good answers. However, I just want to mark this as solved, for I feel I am now on the right path and plan on delving deeper in this matter now that I know which direction to take. Thanks for everyone's help and input.
  4. Thanks Jacques1, that has cleared a lot of things up and I am learning something new every day. HTTP response codes make a lot more sense when getting a response back from PHP. Now I know where to go, I will delve deeper into this area. Once again, thanks.
  5. If I'm understanding number correctly, it would be OK just to remove the if statement and echo back to the JavaScript, for that is what the try-catch is doing in the first place? I just want to send a response back to the JavaScript stating that the data was saved correctly. I took out trim on the password; for the life of me I don't know why I put it in there in the first place. I will trim the other fields of spaces and I plan on having some sort of field checks on them either by JavaScript or PHP in the future. Thanks for the critiques and suggestions.
  6. Thanks for the great input people. My PDO connection class script looks as follows:

         class Database {

             private $_connection;
             // Store the single instance.
             private static $_instance;

             // Get an instance of the Database.
             // @return Database:
             public static function getInstance() {
                 if (!self::$_instance) {
                     self::$_instance = new self();
                 }
                 return self::$_instance;
             }

             // Constructor - Build the PDO Connection:
             public function __construct() {
                 $db_options = array(
                     PDO::ATTR_EMULATE_PREPARES => false // important! use actual prepared statements (default: emulate prepared statements)
                     , PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION // throw exceptions on errors (default: stay silent)
                     , PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC // fetch associative arrays (default: mixed arrays)
                 );
                 $this->_connection = new PDO('mysql:host=localhost;dbname=cuckoo;charset=utf8', 'username', 'password', $db_options);
             }

             // Empty clone magic method to prevent duplication:
             private function __clone() {
             }

             // Get the PDO connection:
             public function getConnection() {
                 return $this->_connection;
             }
         } // End of the Database class

     From what I have read online it's not the greatest and right now I have a mental block of the word(s) that describe the issue; however, I modified this script from a PHP book by Larry Ullman and assume that it will suffice. I think it's relatively secure.
  7. The more I look at this code the more I think to myself that there is some kind of security hole in it, but at other times I say that it'll do. Here's the code in question. Part of my jQuery script:

         if ( proceed ) {
             //console.log('All the conditions have been met.');
             var data = $('#registerForm input').serialize(); // Put form data into serialize format:

             /* Save Function by grabbing & sending data to register.php */
             $.post($('#registerForm').attr('action'), data , function(info) {
                 console.log(info);
                 //$('#result').text(info); // Display the result back when saved:
             }); // End of Save:
         } else {
             console.log('There is a problem somewhere.');
         }

     and my PHP file that the data is sent to:

         // $pdo and SQL_CONSTRAINT_VIOLATION are defined elsewhere (not shown in this post).
         if (isset($_POST['username'])) {
             $userType = 'public';
             $username = $_POST['username'];
             $realname = $_POST['realname'];
             $email = $_POST['email'];
             $password = password_hash(trim($_POST['password']), PASSWORD_BCRYPT, array("cost" => 15));

             $query = 'INSERT INTO users (userType, username, realname, email, password, dateAdded) VALUES (:userType, :username, :realname, :email, :password, NOW())';
             $stmt = $pdo->prepare($query);

             try {
                 $result = $stmt->execute(array(':userType' => $userType, ':username' => $username, ':realname' => $realname, ':email' => $email, ':password' => $password));
                 if ($result) {
                     echo 'Data Successfully Inserted!';
                 }
             } catch(PDOException $error) {
                 if (substr($error->getCode(), 0, 2) == SQL_CONSTRAINT_VIOLATION) {
                     $errorMsg = 'The username already exists.';
                 } else {
                     throw $error; // some other error happened; just pass it on.
                 }
             }
         }

     Basically it takes the data from the registration form, validates it and then sends it to the register.php file to insert the data in the database table. It will be a long time before I go live with this, but I want to make this as secure as I can. Any suggestions or help will be greatly appreciated.

     Best Regards, John
  8. I find working with DateTime() easier:

         <?php
         $now = new DateTime();
         $birthday = new DateTime('1964-08-28');
         $years = $now->diff($birthday, true);
         echo $now->format('Y-m-d') . '<br>';
         echo $years->y; // Number of years since birthday
         //var_dump($years);
  9. I don't know what you are really asking, but would something like this work?

         <!DOCTYPE HTML>
         <html>
         <head>
         <meta charset="utf-8">
         <title>Birthdate</title>
         <style>
         .formStyle { margin-left: 200px; }
         </style>
         </head>
         <body>
         <form class="formStyle" action="theYears.php" method="post">
             <select id="yearBorn" name="yearBorn">
                 <option selected>Date of Birth</option>
                 <?php
                 // Build one option per year, 1914 through 2014:
                 $year = 1914;
                 for ( $x = 1; $x <= 101; $x++ ) {
                     echo '<option value="' . $year . '">' . $year . '</option>';
                     $year += 1;
                 }
                 ?>
             </select>
             <input type="submit" name="submit" value="Submit">
         </form>
         </body>
         </html>