pea_1 Posted March 21, 2007 Share Posted March 21, 2007 Hello, i need an admin area for one of my scripts and i've had some trouble with security in the past with this type of thing. So i just want to check if this is secure: <form action="" method="post"><input name="password" type="text" /><input name="" type="submit" /></form> <?php if($_POST['password']){ include("settings.php"); //with $pw if(md5($pw) == md5($_POST['password'])){ echo "in"; } else { echo "out"; } } ?> Thanks, Peter Link to comment https://forums.phpfreaks.com/topic/43675-simple-admin-area/ Share on other sites More sharing options...
s0c0 Posted March 21, 2007 Share Posted March 21, 2007 In the settings.php file is the password just stored in there? Why are you not using a database? Link to comment https://forums.phpfreaks.com/topic/43675-simple-admin-area/#findComment-212034 Share on other sites More sharing options...
pea_1 Posted March 21, 2007 Author Share Posted March 21, 2007 After asking someone, i now have $pw as the hashed password. I'm not using a database because i don't have one. Link to comment https://forums.phpfreaks.com/topic/43675-simple-admin-area/#findComment-212059 Share on other sites More sharing options...
cmgmyr Posted March 21, 2007 Share Posted March 21, 2007 you should probably look into making a DB. This would be good for future use. I'm sure you would like to upgrade in the future or even sell you "system" to someone else...it would be pretty hard to keep track of 500+ users in a text file... (besides using a flat file DB...but thats still a DB) Link to comment https://forums.phpfreaks.com/topic/43675-simple-admin-area/#findComment-212082 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.