pea_1 Posted March 21, 2007 Share Posted March 21, 2007 Hello, i need an admin area for one of my scripts and i've had some trouble with security in the past with this type of thing. So i just want to check if this is secure: <form action="" method="post"><input name="password" type="text" /><input name="" type="submit" /></form> <?php if($_POST['password']){ include("settings.php"); //with $pw if(md5($pw) == md5($_POST['password'])){ echo "in"; } else { echo "out"; } } ?> Thanks, Peter Quote Link to comment https://forums.phpfreaks.com/topic/43675-simple-admin-area/ Share on other sites More sharing options...
s0c0 Posted March 21, 2007 Share Posted March 21, 2007 In the settings.php file is the password just stored in there? Why are you not using a database? Quote Link to comment https://forums.phpfreaks.com/topic/43675-simple-admin-area/#findComment-212034 Share on other sites More sharing options...
pea_1 Posted March 21, 2007 Author Share Posted March 21, 2007 After asking someone, i now have $pw as the hashed password. I'm not using a database because i don't have one. Quote Link to comment https://forums.phpfreaks.com/topic/43675-simple-admin-area/#findComment-212059 Share on other sites More sharing options...
cmgmyr Posted March 21, 2007 Share Posted March 21, 2007 you should probably look into making a DB. This would be good for future use. I'm sure you would like to upgrade in the future or even sell you "system" to someone else...it would be pretty hard to keep track of 500+ users in a text file... (besides using a flat file DB...but thats still a DB) Quote Link to comment https://forums.phpfreaks.com/topic/43675-simple-admin-area/#findComment-212082 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.