melloorr

Okay, I have not used the the article you mentioned, mainly because I could not find how to implement it within my current code. But here is what I have done: $salt = uniqid(rand()); // here we encrypt the password and add slashes if needed $_POST['pass'] = md5($salt.$_POST['pass']); if (!get_magic_quotes_gpc()) { $_POST['pass'] = addslashes($salt.$_POST['pass']); $_POST['username'] = addslashes($_POST['username']); } // now we insert it into the database $insert = "INSERT INTO users (username, password, saltid) VALUES ('".$_POST['username']."', '".$_POST['pass']."', '".$salt."')"; $add_member = mysql_query($insert); ?> I have set the salt around a unique id, based on a rand(). Now I just don't know how to call it. Here is how the user and password is called and stored in a cookie with just md5(): $check2 = mysql_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database. <a href=add.php>Click Here to Register</a>'); } while($info = mysql_fetch_array( $check )) { $_POST['pass'] = stripslashes($_POST['pass']); $info['password'] = stripslashes($info['password']); $_POST['pass'] = md5($_POST['pass']); //gives error if the password is wrong if ($_POST['pass'] != $info['password']) { die('Incorrect password, please try again.'); } else { // if login is ok then we add a cookie $_POST['username'] = stripslashes($_POST['username']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['username'], $hour); setcookie(Key_my_site, $_POST['pass'], $hour);

So this is what I have done: $salt = "agfuihag4jdhf7"; $_POST['pass'] = md5($salt.$_POST['pass']); if (!get_magic_quotes_gpc()) { $_POST['pass'] = addslashes($salt.$_POST['pass']); $_POST['username'] = addslashes($_POST['username']); } Should this make it more secure?

So how would I go about implementing it to the script?

Hey everyone. I currently have a login script that uses cookies to check if the user is logged in. But I have been told that even if I have used md5() then the the password is still at risk, so I was wondering if using sessions would be better, or if there was some way to make the passwords in the cookies more secure? Here is the code I currently have to secure passwords in the cookie: $_POST['pass'] = md5($_POST['pass']); if (!get_magic_quotes_gpc()) { $_POST['pass'] = addslashes($_POST['pass']); $_POST['username'] = addslashes($_POST['username']); }

Okay so I have now got code that crops it, then resizes it, but is still does not look right, is there any way to get it to start at the top of the picture, but in the middle width wise? (as it normally starts in the top left corner, then 720px out to the right) Here is my code so far: <?php $image = $_REQUEST['Img']; // the image to crop $dest_image = $_REQUEST['Saved']; // make sure the directory is writeable $img = imagecreatetruecolor('720','540'); $org_img = imagecreatefromjpeg($image); $ims = getimagesize($image); imagecopy($img,$org_img, 0, 0, 20, 20, 720, 540); imagejpeg($img,$dest_image,90); imagedestroy($img); $save = $_REQUEST['Saved'] ; $file = $dest_image ; echo "Creating file: $save"; $size = 0.3333333333333333333333333333333333333333333; header('Content-type: image/jpeg') ; list($width, $height) = getimagesize($file) ; $modwidth = $width * $size; $modheight = $height * $size; $tn = imagecreatetruecolor($modwidth, $modheight) ; $image = imagecreatefromjpeg($file) ; imagecopyresampled($tn, $image, 0, 0, 0, 0, $modwidth, $modheight, $width, $height) ; imagejpeg($tn, $save, 100) ; header ("Location: $save"); ?>

Is this the only way to do it? Because I would rather crop it first then resize it, if possible.

Hey everyone. I have been trying to make a script that allows me to resize an image but I am having some trouble. I have got a script that takes an image and resize's it: <?php $save = $_REQUEST['SavedAs'] ; $file = $_REQUEST['ImgAdd'] ; echo "Creating file: $save"; $size = 0.45; header('Content-type: image/jpeg') ; list($width, $height) = getimagesize($file) ; $modwidth = 240; $modheight = 180; $tn = imagecreatetruecolor($modwidth, $modheight) ; $image = imagecreatefromjpeg($file) ; imagecopyresampled($tn, $image, 0, 0, 0, 0, $modwidth, $modheight, $width, $height) ; imagejpeg($tn, $save, 100) ; header ("Location: $save"); ?> But depending on the image, the aspect ratio looks wrong. Is there anyway to take an image, crop it, then resize it? Or something that makes it look decent? Thanks

Oh, well is there any other way it could be easily done?

Sorry for taking so long to reply but I got fed up because that was not working either. But I have just checked again and I noticed in the original code, that the password was encrypted before it was put into the cookie, so would this make it secure?

I still need help Would I need to replace the old cookie code for the new one, so it does not check for a password? And How would I go about checking the cookie to check they are logged in? This is the code that checks: //checks cookies to make sure they are logged in if(isset($_COOKIE['ID_my_site'])) { $username = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) It checks the password, but if you replace the old cookie code, then there is no password to check

I have just copied what is in this tutorial: http://php.about.com/od/finishedphp1/ss/php_login_code.htm

Sorry for being needy, but... How would I add this to my login script (whole login code is from the website I linked to in my last post)? I have added a column to my table called unique_id (correctly I think), but how would I go about adding a value to it when logging in and then adding the same value to the cookie, then deleting it when they log off?

Thanks for all the help. I am mainly using it so I can display the logout link if someone is logged in, and the login link if no-one is logged in, and also to show the logged in user their specific link (i.e. YouTube shows the link to my profile at the top of the page) (Sorry if I have not explained it well) This is the cookie code I have used: $_POST['username'] = stripslashes($_POST['username']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['username'], $hour); setcookie(Key_my_site, $_POST['pass'], $hour); Taken from here: http://php.about.com/od/finishedphp1/ss/php_login_code_5.htm So how would I add a uniqid() ?

Hey everyone, I'm relatively new to php and I have created a basic login page on my site. It checks whether someone is logged in by searching for a cookie. But I am wondering if there is a simple way to display content an link to only people who are logged in, and show user specific content based on who is logged it (much like forums - but not as complicated, just simple) Thank you and its very much appreciated

Yeah, I am using pbpbb so it will also mean would having to find the username without actually typing it in. (too complicated for me to understand)

Thanks for the help everyone, but it will be too hard to implement it so I am giving up for now. But I plan on Learning PHP and SQL properly soon, so you may see more of me here Thanks again!

Hello, sorry if I do not explain this well but I am wondering if there is some code that allows me to search a database for a username, and counts how many times the username is in the database, then displays the total amount on-screen