jamesxg1 Posted September 25, 2009 Share Posted September 25, 2009 Hiya peeps, I have made this, <?php session_start(); class Login { private $username; private $password; private $salt = "pepper89378"; function SecureUsername($username) { $SecureUsername->username = array_map("mysql_real_escape_string", $username); $SecureUsername->username = array_map("trim", $username); $SecureUsername->username = array_map("addslashes", $username); $SecureUsername->username = array_map("strip_tags", $username); $SecureUsername->username = array_map("base64_encode", $username); return($SecureUsername->username); } function SecurePassword($password, $salt) { $SecurePassword->salt = array_map("md5", $salt); $SecurePassword->salt = array_map("sha1", $salt); $SecurePassword->password = array_map("mysql_real_escape_string", $password); $SecurePassword->password = array_map("trim", $password); $SecurePassword->password = array_map("addslashes", $password); $SecurePassword->password = array_map("strip_tags", $password); $SecurePassword->password = array_map("sha1", $password); $SecurePassword->password = array_map("md5", $password); $SecurePassword->password = $SecurePassword->password . $SecurePassword->salt; return($SecurePassword->password); } function LoginSecure($SecureUsername->username, $SecurePassword->password) { } } ?> Will it this work and output what is expected ?, Many thanks, James. Quote Link to comment Share on other sites More sharing options...
Daniel0 Posted September 25, 2009 Share Posted September 25, 2009 Why don't you just try it out? Quote Link to comment Share on other sites More sharing options...
jamesxg1 Posted September 25, 2009 Author Share Posted September 25, 2009 Agreed, But i will have to make all the rest and i dont want to continue and it not work :S, Many thanks, James. Quote Link to comment Share on other sites More sharing options...
mikesta707 Posted September 25, 2009 Share Posted September 25, 2009 No it will not. When inside the class you refer to itself as $this. IDK why you are refering to the class as if it were the name ofthe function. also is username an array? is password an array? if not array_map is useless and won't really work Quote Link to comment Share on other sites More sharing options...
jamesxg1 Posted September 25, 2009 Author Share Posted September 25, 2009 Ok, So change all the $SecureUsername ect to $this done, And no they are not a array, How would i accomplish what i am trying to do ?, I also was hooping to be able to use the function for other purposes like putting a quantity of inputs into it and outputting them in the secure manner. Many thanks, James. Quote Link to comment Share on other sites More sharing options...
mikesta707 Posted September 25, 2009 Share Posted September 25, 2009 all $secureUsername and$securePassword. basically anywhere in the class where you are accessing data members or functions. I don't know what you are trying to do with array_map. if you want to apply a function to the variable, then apply the function to the variable. its that simple. array_map is used when you want to apply a function to every entry in an array. Quote Link to comment Share on other sites More sharing options...
jamesxg1 Posted September 25, 2009 Author Share Posted September 25, 2009 Done , And oh. Ok i didn't know that is there a function that is similar to what i am trying to do that will accomplish it ?, Many thanks, James. Quote Link to comment Share on other sites More sharing options...
mikesta707 Posted September 25, 2009 Share Posted September 25, 2009 I'm not sure what you are trying to do... what exactly were you doing with array map Quote Link to comment Share on other sites More sharing options...
jamesxg1 Posted September 25, 2009 Author Share Posted September 25, 2009 Lol, well i have basically just done it, But will this work ?, function SecureUsername($username) { $this->username = mysql_real_escape_string($username); $this->username = trim($username); $this->username = addslashes($username); $this->username = strip_tags($username); $this->username = base64_encode($username); return($this->username); } function SecurePassword($password, $salt) { $this->salt = md5($salt); $this->salt = sha1($salt); $this->password = mysql_real_escape_string($password); $this->password = trim($password); $this->password = addslashes($password); $this->password = strip_tags($password); $this->password = sha1($password); $this->password = md5($password); $this->password = $this->password . $this->salt; return($this->password); } Many thanks, James. Quote Link to comment Share on other sites More sharing options...
mikesta707 Posted September 25, 2009 Share Posted September 25, 2009 yeah... just apply the functions to the variables. but thats wrong. you want to do this $username = mysql_real_escape_string($username); $username = trim($username); $username = addslashes($username); $username = strip_tags($username); $username = base64_encode($username); $this->username = $username; otherwise, $this->username will just equal the last function called on $username, which is base64_encode. it wont be trimed, scaped, or any of the other stuff. do the same for password Quote Link to comment Share on other sites More sharing options...
jamesxg1 Posted September 25, 2009 Author Share Posted September 25, 2009 Ok thanks mate, Just one last thing, Will this function correctly ? <?php session_start(); class Login { private $username; private $password; private $salt = "pepper89378"; function SecureUsername($username) { $this->username = mysql_real_escape_string($username); $this->username = trim($username); $this->username = addslashes($username); $this->username = strip_tags($username); $this->username = base64_encode($username); return($this->username); } function SecurePassword($password, $salt) { $this->salt = md5($salt); $this->salt = sha1($salt); $this->password = mysql_real_escape_string($password); $this->password = trim($password); $this->password = addslashes($password); $this->password = strip_tags($password); $this->password = sha1($password); $this->password = md5($password); $this->password = $this->password . $this->salt; return($this->password); } function LoginSecure($this->username, $this->password) { $this->usernamecheck = "SELECT `username` FROM `members` WHERE username = '$this->username'"; $this->runusernamecheck = mysql_query($this->usernamecheck) or trigger_error('Query failed: ' . mysql_error(), E_USER_ERROR); if(mysql_num_rows($this->runusernamecheck) = 1) { $this->passwordcheck = "SELECT `password` FROM `members` WHERE username = '$this->username' AND password = '$this->password'"; $this->runpasswordcheck = mysql_query($this->passwordcheck) or trigger_error('Query failed: ' . mysql_error(), E_USER_ERROR); if(mysql_num_rows($this->runpasswordcheck) = 1) { // continue // } } } } ?> Many many thanks, James. Quote Link to comment Share on other sites More sharing options...
mikesta707 Posted September 25, 2009 Share Posted September 25, 2009 see my last post. you don't seem to have changed anything at all Quote Link to comment Share on other sites More sharing options...
jamesxg1 Posted September 25, 2009 Author Share Posted September 25, 2009 Oh sorry, <?php session_start(); class Login { private $username; private $password; private $salt = "pepper89378"; function SecureUsername($username) { $this->username = mysql_real_escape_string(trim(addslashes(strip_tags(base64_encode($username))))); return($this->username); } function SecurePassword($password, $salt) { $this->salt = sha1(md5($salt)); $this->password = mysql_real_escape_string(trim(addslashes(strip_tags(sha1(md5($password . $this->salt)))))); return($this->password); } function LoginSecure($this->username, $this->password) { $this->usernamecheck = "SELECT `username` FROM `members` WHERE username = '$this->username'"; $this->runusernamecheck = mysql_query($this->usernamecheck) or trigger_error('Query failed: ' . mysql_error(), E_USER_ERROR); if(mysql_num_rows($this->runusernamecheck) = 1) { $this->passwordcheck = "SELECT `password` FROM `members` WHERE username = '$this->username' AND password = '$this->password'"; $this->runpasswordcheck = mysql_query($this->passwordcheck) or trigger_error('Query failed: ' . mysql_error(), E_USER_ERROR); if(mysql_num_rows($this->runpasswordcheck) = 1) { // continue // } else { $this->wrongusername = "Wrong username, Please try again."; return($this->wrongusername); } } else { $this->wrongpassword = "Wrong password, Please try again."; return($this->wrongpassword); } } ?> Quote Link to comment Share on other sites More sharing options...
mikesta707 Posted September 25, 2009 Share Posted September 25, 2009 oh yes indeed that will work quite nicely Quote Link to comment Share on other sites More sharing options...
jamesxg1 Posted September 25, 2009 Author Share Posted September 25, 2009 Thanks dude your ace!. Many thanks, James. Quote Link to comment Share on other sites More sharing options...
TeNDoLLA Posted September 25, 2009 Share Posted September 25, 2009 Why are you returning the username and the salted and encrypted password in the functions inside the class? I assume that your class purpose is to check if the user logged in correctly or not. If he logged in succesfully, maybe return a true and if he did not you shud return probably only a error messages or false. Also you are passing $this->username and $this->password as parameter to the function LoginSecure(). You don't need to do that, if you have already stored the data in the private variables inside the class. These variables can be used inside the class and its functions all around just straight away. No need to pass them as parameters anymore. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.