Jump to content

Eggzorcist

Members
  • Posts

    214
  • Joined

  • Last visited

    Never

Posts posted by Eggzorcist

  1. I added a checkpoint echo to see if the function was actually being used, and it seems like the function being called isn't making the function work. Am I doing something wrong?  also changed a few things. But doesnt seem to make the function work or even being used either...

     

     

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <title>One Project Organizer </title>
    <link rel="stylesheet" type="text/css" href="onestylesheet.css"/>
    </head>
    <?php include('functions.php'); ?>
    <?php if(isset($_POST['login'])){ login_user($_POST['username'], $_POST['password']);}?>
    <body>
    <div id="onewrap">
    <div id="oneheader">
    <div class="oneheadertext">One Project Organizer</div>
    </div>
    <div id="onesubheader">Log-in</div>
    <div class="oneerror"><?php echo $errormessage; ?></div>
    <div class="onecontent"><form id="form1" name="form1" method="post" action="">
        <label>Username:
           <input type="text" name="username" id="username" />
        </label>
        Password: 
        <label>
          <input type="password" name="password" id="password" />
        </label> <input name="Login" type='button' id="login" value="Login"/>
    </form>
    </div>
    
    
    
    
    </div>
    </body>
    </html>
    

     

    thanks

  2. I've been trying to create an application which has hardly any php within the design files and a large core function files.

     

    I'm trying to create a login however it seems like it isn't working...

     

    I think my problem is in the design php file, though I will also attach my function that I've created.

     

     

    login_user function

    function login_user($username, $password){
    
    $username1 = secure_var($username);
    $password1 = md5(secure_var($password));
    
    
    if ($username != NULL and $password != NULL){
    
    	$login_query = mysql_query("SELECT * FROM user_info WHERE username = {$username1} AND password = {$password1}");
    
    	$login_status = mysql_num_rows($login_query);
    
    
    	if($login_status == 1){
    		echo "good";
    
    	set_login_sessions($username, $password);
    
    
    }
    
    }
    
    else {
    
    echo "Please enter a Username and Password";	
    
    }
    

     

    That includes a config.php file also...

     

     

    design file

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <title>One Project Organizer </title>
    <link rel="stylesheet" type="text/css" href="onestylesheet.css"/>
    </head>
    
    <?
    
    require('functions.php');
    
    
    ?>
    
    <body>
    <div id="onewrap">
    <div id="oneheader">
    <div class="oneheadertext">One Project Organizer</div>
    </div>
    <div id="onesubheader">Log-in</div>
    <div class="oneerror"></div>
    <div class="onecontent"><form id="form1" name="form1" method="post" action="">
        <label>Username:
           <input type="text" name="username" id="username" />
        </label>
        Password: 
        <label>
          <input type="password" name="password" id="password" />
        </label> <input type='button' onclick="<?php login_user($_POST['username'], $_POST['password']); ?>" value="Login"/>
    </form>
    </div>
    
    
    
    
    </div>
    </body>
    </html>

     

     

    Thanks for any help! :D

     

  3. Also there is no real need for the else statement as it does nothing, that's what the if statement is for. if file does not exist it will just pass it without executing anything so by doing else { echo ""; } no real purpose to it...

  4. Also, you might want to make sure the table is InnoDB and not MyISAM.

     

     

     

    By the way, have any of you all made a GMail account lately?  The CAPTCHA on there is freaking retardedly difficult.

     

    Yes I have, their captcha is indeed fairly difficult :P You're never sure if your password as wrong or the catcha... :P

  5. It's commonly used with database. Say you have multiple pages of information, all somewhat the same format.

     

     

    for example a member profile page.

     

     

    blabla.php?user=fred

     

    then you can make a sql query using $_GET['user'] (which would = fred) and get all the information on fred providing how you set the variables on the page.

     

    Although beware, as any user can manipulate the URL, there are security issues which should be looked up and taken care of in order to well secure your url and sql queries...

  6. Yes, I can relate to that. I will be creating a cookie which will make it unable to it so you try to login more than 5 times. But would that stop a brute force attack? I'm not sure if the brute-force software can get cookies or sessions placed upon.

  7. In my script I made a quick function which secures the inputed variable like this.

    function secure_var($var){
    
    $var = mysql_real_escape_string(htmlentities($var));
    
    }

     

    I have a quick question of something I'm unsure of. To use a variable like this one. Should I be doing...

    <?php
    
    $var = secure_var($var)
    
    // or would this just work?
    
    
    secure_var($var)
    
    ?>

     

    I will be retrieving the variable like "$var" I think the first option is best but I'm unsure of the right way of doing this.

     

     

    Thanks

     

     

     

     

  8. Then I would start by creating a sql database with all the variables you will be using. To store Users (with and/or without admin status), then creating a safe login and registration script. After you would have to create your way of creating a way in order to organize all your freebie stuff with a pagination system. That'd be the way to do it...

  9. Well it all depends on how do you wish to do to update your site. Do you want a admin login where you just have to upload things and it will just add it to the database? Or do you wish to just upload them in a html fashion. What features do you wish to add? People registering to your site and having the ability to add some things themselves?

     

    It would help to give us a bit more information about you wish to do.

  10. Hello,

     

    I'm creating a web application and I'm currently in the process of designing my login page, but I was wondering if I should put a captcha system on the login page. I have one for registration, though I was wondering is it really needed for login. Would a captcha help stop any kind of brute force attack?

     

    Thanks

  11. The expression "=>" that's normally used in some-kind of if statement. and it means for example

     

     

    $variable1 => $variable2

     

    which means varriable2 is either equal or less than variable1.

     

    The expression "->" looks like object oriented programming to me but I could be wrong. I don't use OOP normally. But in OOP it goes after a variable for example " $variable->status" But I could be wrong but I'm certain about the first one.

  12. I've added that however, the command still gets passed to the else command.

     

    I know this isn't the problem but here is how the information is showing.

     

     

     <form>
    Package ID:<input name="id" id='id' type="text" size="10" maxlength="10" /> 
    <br />
    <input type='button' onclick='showUser(this.value)' value="Track"/>
    </form>

  13. I'm sorry it's very basic it's just its for a school project and I can't seem to get it to work.

     

    here my code

     

    function showUser(str)
    {
    
    
    if (str==5){
    
    string = "Name: Harold<br>Location: Montreal, Canada"
    
    document.getElementById('txtHint').innerHTML = string;
    
    }
    
    
    
    else {
    
    alert("Wrong ID, Please try again");
    }
    
    }

     

    I can't seem to find the issue.

     

    Thanks

  14. Hi, What I am trying to do is change the this.value to the value of "f" of the text box above rathger than the value of the button. How what would the code be?

     

    Thanks

     

    <form>
    Package ID:<input name="id" type="text" id='id' value="f" size="10" maxlength="10" /> 
    <br />
    <input type='button' onclick='showUser(this.value)' value="Track"/>
    </form><br />

  15. ah here is there error:

     

    <form>
    Package ID:<input name="id" type="text" id='id' value="f" size="10" maxlength="10" /> 
    <br />
    <input type='button' onclick='showUser(this.value)' value="Track"/>
    </form><br />

     

    What is being tracker is the wrong value. I want it to pickup the value to value="f" but what it is picking up now is value="track" which is the button value, what is the command to change it to the text box?

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.