FUDforum: comp.lang.php

Home » Imported messages » comp.lang.php » php code

Show: Today's Messages :: Polls :: Message Navigator

Re: php code [message #177419 is a reply to message #177415]

Mon, 26 March 2012 20:49

Denis McMahon
Messages: 634
Registered: September 2010

Karma:

Senior Member

On Mon, 26 Mar 2012 08:05:29 -0700, shaurya077 wrote:

> if($_SERVER["REQUEST_METHOD"]=="POST") {
> $myusername=addslashes($_POST['user_name']);
> $mypassword=addslashes($_POST['pass_word']);
>
> $sql="select id from userinformation WHERE username='$myusername' and
> password='$mypassword' ";

ewwwwww.

at the very least, store some sort of hash of the p/w, and not the pw
itself.

eg:

saving password, take the md5 sum of the password and store it.
reading password, take the md5 of the given password and check that
against the db.

Rgds

Denis McMahon

Report message to a moderator

[Message index]

		php code By: shaurya077 on Mon, 26 March 2012 15:05
		Re: php code By: J.O. Aho on Mon, 26 March 2012 16:21
		Re: php code By: Peter H. Coffin on Mon, 26 March 2012 16:03
		Re: php code By: Denis McMahon on Mon, 26 March 2012 20:49
		Re: php code By: Michael Fesser on Tue, 27 March 2012 03:54
		Re: php code By: Erwin Moller on Tue, 27 March 2012 08:37

Previous Topic:	Sharetext
Next Topic:	Import values from XML file

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Fri Nov 22 19:35:08 GMT 2024

Total time taken to generate the page: 0.05273 seconds