Jump to content

Recommended Posts

My code:

<!DOCTYPE html>
<html>
<head>
<title></title>
</head>
<body>
<?php 
if (!isset($_REQUEST['start'])) {
?>
<form action="<?php $_SERVER['SCRIPT_NAME']?>" method="post">
<p><label> Login: <input name="login" type="text" size="15" /></label></p>
<p><label>Password: <input type="password" name="parola"></label></p>
<p><label>Emailul dvs:<input type="email" name="email"></label></p>
<p><label>Lasati mai jos mesajul dvoastra: <br /> <textarea name="mesaj" cols="50" rows="6" placeholder="Scrieti aici ceva..."></textarea></label></p>
<p><input type="reset" value="Anuleaza" />
  <input type="submit" value="Transmite" name="start" /></p>
</form>
<?php
}
else {
if (isset($_POST['login'])) $log=$_POST['login']; 
if (isset($_POST['mesaj'])) $mesaj=$_POST['mesaj'];
if(isset($_POST['parola'])) $pass=$_POST['parola'];
if(isset($_POST['email'])) $mail=$_POST['email'];
$file=fopen('Homework.txt', "a+") or die ("Fisier inaccesibil!");
fwrite($file, $log);
fwrite($file, "   ");
fwrite($file, $pass);
fwrite($file, "   ");
fwrite($file, $mail);
fwrite($file, "   ");
fwrite($file, $mesaj);
fwrite($file, "\n");
fclose($file);
echo 'Datele au fost salvate! Iata ce este in fisier: <br />';
$file=fopen("Homework.txt", "r") or die ("Fisier inaccesibil!");
while (!feof($file)) {
echo fgets($file). "<br /><br /><br />";
} 
fclose($file);
} 

?>

</body>
</html>

I just want the result looking like that:
|Login  |  Password |           Mail                |      Message                |
|John    |   Doe           | johndoe@mail.com  |    Just a little text here. |

Edited by Tyka95

You should look into saving this into a database using mysqli or pdo

It's not safe to store passwords like this, all passwords should never be saved as plain text anywhere, use password_hash and password_verify

 

Here is something for you anyway.

<?php
//default defines
$errors   = array();
$filename = "Homework.txt";
$log      = '';
$pass     = '';
$email    = '';
$mesaj    = '';


//check if form submitted
if (isset($_POST['start'])) {
    
    //check each POST value and not blank, else create an error
    
    if (isset($_POST['login']) && trim($_POST['login']) != '') {
        $log = $_POST['login'];
    } else {
        $errors[] = "login";
    }
    
    if (isset($_POST['parola']) && trim($_POST['parola']) != '') {
        $pass = $_POST['parola'];
    } else {
        $errors[] = "parola";
    }
    
    if (isset($_POST['email']) && trim($_POST['email']) != '') {
        $email = $_POST['email'];
    } else {
        $errors[] = "email";
    }
    
    if (isset($_POST['mesaj']) && trim($_POST['mesaj']) != '') {
        $mesaj = $_POST['mesaj'];
    } else {
        $errors[] = "mesaj";
    }
    
    
    //if no errors proceed
    if (empty($errors)) {
        //check for file
        if (is_file($filename)) {
            //open file for appending
            $file = fopen($filename, 'a+');
            //remove submit from post array
            unset($_POST['start']);
            //post array into a string
            $string = implode("||",$_POST);
            //add file breaks
            $string .= "\r\n";
            //write to file
            fwrite($file, $string);
            //close file
            fclose($file);
            //show message was added
            echo 'Datele au fost salvate! Iata ce este in fisier: <br />';
        } else {
            //file doesn't exist
            echo "$filename inaccesibil!";
        }
        
    } else {
        //there was an error in form
        $error_msg = "<p style='color:red;'>You have these errors: " . implode(", ", $errors) . "</p>";
    }
}
?>

<!DOCTYPE html>
<html>
<head>
<title>Form Data</title>
</head>
<style>
table {
  border-collapse: collapse;
  width: 100%;
}
th, td {
  padding: 0.25rem;
  text-align: left;
  border: 1px solid #ccc;
}
</style>
<body>
<?php
//show errors if exist
if ($error_msg) {
    echo $error_msg;
}
?>
<form action="" method="post">
<p><label> Login: <input name="login" type="text" size="15" value="<?php echo $log;?>" ></label></p>
<p><label>Password: <input type="password" name="parola" value="<?php echo $pass;?>" ></label></p>
<p><label>Emailul dvs:<input type="email" name="email" value="<?php echo $email;?>" ></label></p>
<p><label>Lasati mai jos mesajul dvoastra: <br /> <textarea name="mesaj" cols="50" rows="6" ><?php echo $mesaj;?></textarea></label></p>
<p><input type="reset" value="Anuleaza" />
  <input type="submit" value="Transmite" name="start" /></p>
</form>
<?php
//check if file exists
if (is_file($filename)) {
    //get file
    $file   = file($filename);
    //start numbering
    $number = 1;
    echo "<table>";
    echo "<tr><th>Number</th><th>Login</th><th>Password</th><th>Email</th><th>Message</th>";
    //loop through all lines in file
    foreach ($file as $line) {
        //explode each line by it's delimiter
        $data = explode("||", trim($line));
        //add them to table
        echo "<tr><td>" . $number . "</td><td>" . $data[0] . "</td><td>" . $data[1] . "</td><td>" . $data[2] . "</td><td>" . $data[3] . "</td></tr>";
        $number++;
    }
    echo "</tr></table>";
} else {
    //file doesn't exist
    echo "$filename inaccesibil!";
}

?>
</body>
</html>
Edited by QuickOldCar

 

While that is good and sound advice, it should also be pointed out that those functions require Php version  >=5.5.0

 

Many web hosts are only running versions 5.3.x or 5.4.x if the are even that current.

I agree, but when php7 is released a lot of these hosts better upgrade or will not have many customers.

 

What do you think of this function?

function salted_password($value)
{
    if (!$value) {
        return false;
    }
    $salt = mcrypt_create_iv(22, MCRYPT_RAND);
    $salt = base64_encode($salt);
    $salt = str_replace('+', '.', $salt);
    return crypt($value, '$2y$10$' . $salt . '$');
}

Not much.

  • MCRYPT_RAND doesn't provide secure random numbers. It's the equivalent of rand(), so it's a primitive time-based pseudo-random number generator which is susceptible to collisions or even precomputation.
  • The salt length is incorrect. bcrypt expects 128 bits (or 16 bytes).
  • The salt encoding of bcrypt is very different from standard Base64, it's not enough to replace “+” with “.”. Using base64_encode() will yield “impossible” salts, and the only reason why this works at all is because the current bcrypt implementation has an error correction procedure. I wouldn't rely on that, though.
  • The function fails to recognize errors, so it will happily return empty or broken hashes (PHP had several bugs in the bcrypt implementation). It doesn't even check if PHP actually used bcrypt and no fallback algorithm.
  • The input length isn't checked. Everything above 56 bytes is outside of the bcrypt specifiction, and everything above 72 bytes will be truncated.
  • The input isn't checked for null bytes. crypt() isn't binary-safe, so null bytes lead to truncation.
  • There's no way to adjust the cost factor (which is the whole point of password hash algorithms).

Using crypt() directly is really not a good idea. It's a terrible, hostile, bug-riddled function which needs tons of error checking to even make sense.

Edited by Jacques1

Thank you so much guys... I just start to study PHP..I gonna try to do my best!! :)
ginerjm, I just say that I'm learning some tutorials but i don't put that code in my code because Is fails, and i think I must read and find something different to understant the method.. :) ..

Edited by Tyka95
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.