Jump to content

Dumb Question/Security

scfreak

By scfreak
in Third Party Scripts

 Share

Recommended Posts

scfreak Newbie

scfreak

Posted
Posted

Hello, just an FYI, I am a noob at php, but this noob needs help. Ok, I have a cookie cutter login script and on the register page I want to add a blank titled "Clan Password". This blank will ask for a password, that can be static to make things easy. This password would be required to hit the submit button, otherwise you get the error. "Incorrect clan password, please contact Sc." I know this can be done with java script, however I would like it to be apart of the php script. I have included the origional script titled "register.php" and my failed version. Please help, thank you. SC.

 

[attachment deleted by admin]

Link to comment
https://forums.phpfreaks.com/topic/189520-dumb-questionsecurity/
Share on other sites
roboticsguy1988 Newbie

roboticsguy1988

Posted
Posted

I wouldn't necessarily suggest using a static password.  However here is a small script that may help you get to what you are trying to accomplish... it probably is not THE solution but it will help you get there.

 

<?php
function checkform()
{		
	$TorF = 0;
	$staticpassword = "bob";
	if ($_POST['password'] != $staticpassword)
	{
		echo "You have entered an incorrect password! Please try again.";
		$TorF = 1;
	}
	if ($TorF == 1)
	{
		return false;
	}
	else
	{
		return true;
	}
}

if($_POST['Login'] and checkform())
{		
	echo "You have successfully logged in and will be redirected in 3 seconds";	
	?>
	<meta HTTP-EQUIV="REFRESH" content="3; url=index.php">
	<?php
}
else
{
	?>
	<form name="subscribe" action="<?php echo $_SERVER['PHP_self'] ?>" method="post">
	<p align="left">

                <label for="password"><?php echo "Password:"; ?></label><br />
                <input name="password" type="password" id="password" tabindex="1" /><br />
                
                <input type="submit" name="Login" value="Login" tabindex="2" />
                </p>
                
	</form>
	<?php
}
?>

 

One last thing.... you will have to add code in here to set your cookies once they get logged in.  Then wherever you redirect them you will have to have code to check for those cookies that you set.  But like i said above this isn't the best way to approach securing something, and i am not too advanced in web security yet.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.