Jump to content

Recommended Posts

Hiya peeps,

 

I have made this,

 

<?php session_start();

class Login {

          private $username;
          private $password;
          private $salt = "pepper89378";

function SecureUsername($username) {

$SecureUsername->username = array_map("mysql_real_escape_string", $username);
$SecureUsername->username = array_map("trim", $username);
$SecureUsername->username = array_map("addslashes", $username);
$SecureUsername->username = array_map("strip_tags", $username);
$SecureUsername->username = array_map("base64_encode", $username);

return($SecureUsername->username);

}


function SecurePassword($password, $salt) {

$SecurePassword->salt = array_map("md5", $salt);
$SecurePassword->salt = array_map("sha1", $salt);
$SecurePassword->password = array_map("mysql_real_escape_string", $password);
$SecurePassword->password = array_map("trim", $password);
$SecurePassword->password = array_map("addslashes", $password);
$SecurePassword->password = array_map("strip_tags", $password);
$SecurePassword->password = array_map("sha1", $password);
$SecurePassword->password = array_map("md5", $password);


$SecurePassword->password = $SecurePassword->password . $SecurePassword->salt;

return($SecurePassword->password);

}



function LoginSecure($SecureUsername->username, $SecurePassword->password) {








}







}

?>

 

Will it this work and output what is expected ?,

 

Many thanks,

 

James.

Link to comment
https://forums.phpfreaks.com/topic/175522-solved-array_map-will-this-work/
Share on other sites

No it will not. When inside the class you refer to itself as $this. IDK why you are refering to the class as if it were the name ofthe function.

 

also is username an array? is password an array? if not array_map is useless and won't really work

Ok,

 

So change all the $SecureUsername ect to $this done,

 

And no they are not a array, How would i accomplish what i am trying to do ?,

 

I also was hooping to be able to use the function for other purposes like putting a quantity of inputs into it and outputting them in the secure manner.

 

Many thanks,

 

James.

 

 

all $secureUsername and$securePassword. basically anywhere in the class where you are accessing data members or functions.

 

I don't know what you are trying to do with array_map. if you want to apply a function to the variable, then apply the function to the variable. its that simple. array_map is used when you want to apply a function to every entry in an array.

Lol, well i have basically just done it, But will this work ?,

 

function SecureUsername($username) {

$this->username = mysql_real_escape_string($username);
$this->username = trim($username);
$this->username = addslashes($username);
$this->username = strip_tags($username);
$this->username = base64_encode($username);

return($this->username);

}


function SecurePassword($password, $salt) {

$this->salt = md5($salt);
$this->salt = sha1($salt);
$this->password = mysql_real_escape_string($password);
$this->password = trim($password);
$this->password = addslashes($password);
$this->password = strip_tags($password);
$this->password = sha1($password);
$this->password = md5($password);
$this->password = $this->password . $this->salt;

return($this->password);

}

 

Many thanks,

 

James.

yeah... just apply the functions to the variables. but thats wrong. you want to do this

$username = mysql_real_escape_string($username);
$username = trim($username);
$username = addslashes($username);
$username = strip_tags($username);
$username = base64_encode($username);
$this->username = $username;

 

otherwise, $this->username will just equal the last function called on $username, which is base64_encode. it wont be trimed, scaped, or any of the other stuff. do the same for password

:) Ok thanks mate,

 

Just one last thing,

 

Will this function correctly ?

 

<?php session_start();

class Login {

          private $username;
          private $password;
          private $salt = "pepper89378";

function SecureUsername($username) {

$this->username = mysql_real_escape_string($username);
$this->username = trim($username);
$this->username = addslashes($username);
$this->username = strip_tags($username);
$this->username = base64_encode($username);

return($this->username);

}


function SecurePassword($password, $salt) {

$this->salt = md5($salt);
$this->salt = sha1($salt);
$this->password = mysql_real_escape_string($password);
$this->password = trim($password);
$this->password = addslashes($password);
$this->password = strip_tags($password);
$this->password = sha1($password);
$this->password = md5($password);
$this->password = $this->password . $this->salt;

return($this->password);

}



function LoginSecure($this->username, $this->password) {

$this->usernamecheck = "SELECT `username` FROM `members` WHERE username = '$this->username'";

$this->runusernamecheck = mysql_query($this->usernamecheck) or trigger_error('Query failed: ' . mysql_error(), E_USER_ERROR);

if(mysql_num_rows($this->runusernamecheck) = 1) {


$this->passwordcheck = "SELECT `password` FROM `members` WHERE username = '$this->username' AND password = '$this->password'";

$this->runpasswordcheck = mysql_query($this->passwordcheck) or trigger_error('Query failed: ' . mysql_error(), E_USER_ERROR);

if(mysql_num_rows($this->runpasswordcheck) = 1) {

// continue //


}



}






}







}

?>

 

Many many thanks,

 

James.

Oh sorry,

 

<?php session_start();

class Login {

          private $username;
          private $password;
          private $salt = "pepper89378";

function SecureUsername($username) {

$this->username = mysql_real_escape_string(trim(addslashes(strip_tags(base64_encode($username)))));


return($this->username);

}


function SecurePassword($password, $salt) {

$this->salt = sha1(md5($salt));

$this->password = mysql_real_escape_string(trim(addslashes(strip_tags(sha1(md5($password . $this->salt))))));

return($this->password);

}



function LoginSecure($this->username, $this->password) {

$this->usernamecheck = "SELECT `username` FROM `members` WHERE username = '$this->username'";

$this->runusernamecheck = mysql_query($this->usernamecheck) or trigger_error('Query failed: ' . mysql_error(), E_USER_ERROR);

if(mysql_num_rows($this->runusernamecheck) = 1) {


$this->passwordcheck = "SELECT `password` FROM `members` WHERE username = '$this->username' AND password = '$this->password'";

$this->runpasswordcheck = mysql_query($this->passwordcheck) or trigger_error('Query failed: ' . mysql_error(), E_USER_ERROR);

if(mysql_num_rows($this->runpasswordcheck) = 1) {

// continue //

    } else {

      $this->wrongusername = "Wrong username, Please try again.";

      return($this->wrongusername);

      }

  } else {

      $this->wrongpassword = "Wrong password, Please try again.";

      return($this->wrongpassword);

      }

}

?>

Why are you returning the username and the salted and encrypted password in the functions inside the class? I assume that your class purpose is to check if the user logged in correctly or not. If he logged in succesfully, maybe return a true and if he did not you shud return probably only a error messages or false.

 

Also you are passing $this->username and $this->password as parameter to the function LoginSecure(). You don't need to do that, if you have already stored the data in the private variables inside the class. These variables can be used inside the class and its functions all around just straight away. No need to pass them as parameters anymore.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.