+- Sinisterly (https://sinister.ly)
+-- Forum: Coding (https://sinister.ly/Forum-Coding)
+--- Forum: PHP (https://sinister.ly/Forum-PHP)
+--- Thread: MySQL and PHP simple login system (/Thread-MySQL-and-PHP-simple-login-system)
RE: MySQL and PHP simple login system - hellomen - 10-28-2013
nice tutorial but not good enough for security reasons
-it is sql injectable
-password instant storage?
-sessions over cookies?
mhm this are just 3 I could think of and those 3 are the most important things I suggest to not learn from this script but actuall use this script as a reminder on how to put it up on a logical way.
RE: MySQL and PHP simple login system - hellomen - 10-28-2013
nice tutorial but not good enough for security reasons
-it is sql injectable
-password instant storage?
-sessions over cookies?
mhm this are just 3 I could think of and those 3 are the most important things I suggest to not learn from this script but actuall use this script as a reminder on how to put it up on a logical way.
RE: MySQL and PHP simple login system - hellomen - 10-28-2013
nice tutorial but not good enough for security reasons
-it is sql injectable
-password instant storage?
-sessions over cookies?
mhm this are just 3 I could think of and those 3 are the most important things I suggest to not learn from this script but actuall use this script as a reminder on how to put it up on a logical way.
RE: MySQL and PHP simple login system - Sebkvernland - 10-28-2013
(10-28-2013, 08:17 AM)hellomen Wrote: nice tutorial but not good enough for security reasonsDo you know how to do it the correct way or the best way? I\m very interested in learning how to do it secure. Do you think you could upload a thread or a tutorial about how to do it? Thank you!
-it is sql injectable
-password instant storage?
-sessions over cookies?
mhm this are just 3 I could think of and those 3 are the most important things I suggest to not learn from this script but actuall use this script as a reminder on how to put it up on a logical way.
RE: MySQL and PHP simple login system - Sebkvernland - 10-28-2013
(10-28-2013, 08:17 AM)hellomen Wrote: nice tutorial but not good enough for security reasonsDo you know how to do it the correct way or the best way? I\m very interested in learning how to do it secure. Do you think you could upload a thread or a tutorial about how to do it? Thank you!
-it is sql injectable
-password instant storage?
-sessions over cookies?
mhm this are just 3 I could think of and those 3 are the most important things I suggest to not learn from this script but actuall use this script as a reminder on how to put it up on a logical way.
RE: MySQL and PHP simple login system - Sebkvernland - 10-28-2013
(10-28-2013, 08:17 AM)hellomen Wrote: nice tutorial but not good enough for security reasonsDo you know how to do it the correct way or the best way? I\m very interested in learning how to do it secure. Do you think you could upload a thread or a tutorial about how to do it? Thank you!
-it is sql injectable
-password instant storage?
-sessions over cookies?
mhm this are just 3 I could think of and those 3 are the most important things I suggest to not learn from this script but actuall use this script as a reminder on how to put it up on a logical way.
RE: MySQL and PHP simple login system - Sebkvernland - 10-28-2013
(10-28-2013, 08:17 AM)hellomen Wrote: nice tutorial but not good enough for security reasonsDo you know how to do it the correct way or the best way? I\m very interested in learning how to do it secure. Do you think you could upload a thread or a tutorial about how to do it? Thank you!
-it is sql injectable
-password instant storage?
-sessions over cookies?
mhm this are just 3 I could think of and those 3 are the most important things I suggest to not learn from this script but actuall use this script as a reminder on how to put it up on a logical way.
RE: MySQL and PHP simple login system - hellomen - 10-28-2013
(10-28-2013, 09:40 AM)Sebastian Kvernland Wrote:(10-28-2013, 08:17 AM)hellomen Wrote: nice tutorial but not good enough for security reasonsDo you know how to do it the correct way or the best way? I\m very interested in learning how to do it secure. Do you think you could upload a thread or a tutorial about how to do it? Thank you!
-it is sql injectable
-password instant storage?
-sessions over cookies?
mhm this are just 3 I could think of and those 3 are the most important things I suggest to not learn from this script but actuall use this script as a reminder on how to put it up on a logical way.
MySQLi or PDO (I prefer PDO)
is one to make it more secure than the mysql_connect and stuff
strip_tags() for the $_GET's and $_POSTS helps better against XSS than when you don't use them
and ofcourse check your codes for fails
also try to use injections by yourself if you're unsure or ask someone to find leaks...
oh and never trust people on the internet
so every single thing you think mehhh that can be done later (security)
always MAKE THE THING because you can never trust a service user from your service.
RE: MySQL and PHP simple login system - hellomen - 10-28-2013
(10-28-2013, 09:40 AM)Sebastian Kvernland Wrote:(10-28-2013, 08:17 AM)hellomen Wrote: nice tutorial but not good enough for security reasonsDo you know how to do it the correct way or the best way? I\m very interested in learning how to do it secure. Do you think you could upload a thread or a tutorial about how to do it? Thank you!
-it is sql injectable
-password instant storage?
-sessions over cookies?
mhm this are just 3 I could think of and those 3 are the most important things I suggest to not learn from this script but actuall use this script as a reminder on how to put it up on a logical way.
MySQLi or PDO (I prefer PDO)
is one to make it more secure than the mysql_connect and stuff
strip_tags() for the $_GET's and $_POSTS helps better against XSS than when you don't use them
and ofcourse check your codes for fails
also try to use injections by yourself if you're unsure or ask someone to find leaks...
oh and never trust people on the internet
so every single thing you think mehhh that can be done later (security)
always MAKE THE THING because you can never trust a service user from your service.
RE: MySQL and PHP simple login system - hellomen - 10-28-2013
(10-28-2013, 09:40 AM)Sebastian Kvernland Wrote:(10-28-2013, 08:17 AM)hellomen Wrote: nice tutorial but not good enough for security reasonsDo you know how to do it the correct way or the best way? I\m very interested in learning how to do it secure. Do you think you could upload a thread or a tutorial about how to do it? Thank you!
-it is sql injectable
-password instant storage?
-sessions over cookies?
mhm this are just 3 I could think of and those 3 are the most important things I suggest to not learn from this script but actuall use this script as a reminder on how to put it up on a logical way.
MySQLi or PDO (I prefer PDO)
is one to make it more secure than the mysql_connect and stuff
strip_tags() for the $_GET's and $_POSTS helps better against XSS than when you don't use them
and ofcourse check your codes for fails
also try to use injections by yourself if you're unsure or ask someone to find leaks...
oh and never trust people on the internet
so every single thing you think mehhh that can be done later (security)
always MAKE THE THING because you can never trust a service user from your service.