| PHP | |
|---|---|
| Tweet Topic Started: Wednesday, 16. January 2013, 19:40 (3,367 Views) | |
| Onyx | Wednesday, 16. January 2013, 19:40 Post #1 |
the skies are alight
|
Removed because of bugs.
Edited by Onyx, Friday, 14. February 2014, 18:52.
|
Off
Profile |
Quote Top
|
| Nick | Wednesday, 16. January 2013, 19:46 Post #2 |
|
Let it go, let it go, can't hold it back anymore!
|
Very nice job I am currently involving myself more in the development stuff. When I get some more PHP knowledge, I will definitely want to see how you made this. Thanks for sharing!
|
Ephex - A Development, Design & Community Discord![]() Nick | 'Atta Boy Luther! | Outline Manager | Ask Me! Myy Stuff
| |
Off
Profile |
Quote Top
|
| Joe | Wednesday, 16. January 2013, 19:48 Post #3 |
![]()
Hi.
|
Very, very nice guide. Nicely done. Also, just a random note, cURL works wonders with ZetaBoards. Very useful.
|
| Joe | |
Off
Profile |
Quote Top
|
| Onyx | Wednesday, 16. January 2013, 20:04 Post #4 |
the skies are alight
|
Yep, I've heard of cURL but never really experimented with it before, maybe today will be the day. Thanks and much appreciated
|
Off
Profile |
Quote Top
|
| Andrew | Wednesday, 16. January 2013, 20:09 Post #5 |
![]()
ぼくたちがすべてはばか。
|
Regarding the id column in your table. It's best to set it as the primary key to prevent any duplicates. In your index.php page you have a comment outside of the PHP tags and as such they will show up on the page. As for your login page...you are still using the deprecated MySQL functions from PHP 4. It is best that you switch to MySQLi or better yet PDO. I have a tutorial on PDO here. MySQLi is pretty much MySQL except it supports OOP, prepared statements, can be used to execute multiple statements in one shot, etc. As for your protection against MySQL injection you shouldn't be using stripshlashes as mysql_real_escape_string will automatically escape the username and password which means stripslashes is essentially extra bloat. Regarding your register page...you are using redundant code when connecting to your database. You should merge the database connections into one central PHP file to make it easier to update in the future. Your password is being hashed using MD5 which while secure can still be more secure. I would suggest reading up on password salting to make sure any information is bulletproof in case your database is infiltrated. When you check to see if the username already exists you should also check to see if the email is also already in use otherwise a user will be able to register multiple times with the same email address. Other than that nice attempt
Edited by Andrew, Wednesday, 16. January 2013, 20:37.
|
![]() Professional web design/development services. • http://wildandrewlee.com/ | |
Off
Profile |
Quote Top
|
| Onyx | Wednesday, 16. January 2013, 20:22 Post #6 |
the skies are alight
|
I'd like to point out that this is a simple tutorial and is intended to be as basic as possible to ease understanding of the code. While many of the points you raised would definitely improve the code, they are not essential for it to work.
Yep, I'm aware of making one db_connect.php file. This was done purely to keep the codes on the same page. Anyone using the codes can improve and modify them as they so desire to include more advanced features and security. Thanks for the reply! |
Off
Profile |
Quote Top
|
| Andrew | Wednesday, 16. January 2013, 20:29 Post #7 |
![]()
ぼくたちがすべてはばか。
|
I understand that you are trying to make this as easy to understand as possible you are not really teaching rather you are spoon feeding. Spoon feeding code does nothing to teach people unless there's some crazy person I've never heard of that can understand how code works without any prior knowledge. There's an old saying that goes "Give a man a fish, feed him for a day. Teach a man to fish, feed him for a lifetime." While you may not agree with me you are essentially "Giving a man a fish." You should tell people what each line (well maybe not every line) does so they will be able to create their own login system in the future without having to copy and paste somebody else's work. If it sounds like I am arguing a member of the staff can remove this post but my main point is that you are pretty much giving people the answer to a question without explaining it which does absolutely no good for them. I would also like to point out that you probably ripped this code from a StackOverflow user: http://stackoverflow.com/questions/10936276/getting-checklogin-php-to-redirect-to-index-php-using-sessionurl As you can see that question was asked last year. Edited by Andrew, Wednesday, 16. January 2013, 20:51.
|
![]() Professional web design/development services. • http://wildandrewlee.com/ | |
Off
Profile |
Quote Top
|
| Onyx | Wednesday, 16. January 2013, 21:05 Post #8 |
the skies are alight
|
If I had been spoon feeding the code I would have simply posted the raw codes without any comments or steps on how to integrate them or configure the database. I have included more comments to explain the code though. I'm not parading this code around to be anything more than a simple login system. I code websites with far more sophisticated features but the principals remain the same and that is what this tutorial examines and provides. I can always progress to writing more challenging tutorials. But it's always best to avoid throwing yourself over a waterfall before you know how to swim. This tutorial is a swimming lesson, not an opportunity for me to drown people in heaps of undecipherable code. Once again thanks for your comments and time! Edit: Yep, some of the login page looks similar, and it's possible I may have consulted that at one point. But I have used this code for years.
Edited by Onyx, Wednesday, 16. January 2013, 21:07.
|
Off
Profile |
Quote Top
|
| Andrew | Wednesday, 16. January 2013, 21:14 Post #9 |
![]()
ぼくたちがすべてはばか。
|
I'm going to stop arguing here because I don't want to defer users from the actual point of this topic but if I were you I would provide more helpful comments instead of something as simple as "// SESSION DETAILS FOR USER" for:
If you don't then you will get questions from people who are just copying and pasting your code. Questions such as "What is a session?", "What does echo do?", "What are those square brackets after $_SESSION?", "What is $_SESSION['name'])?" |
![]() Professional web design/development services. • http://wildandrewlee.com/ | |
Off
Profile |
Quote Top
|
|
|
Friday, 12. April 2013, 06:39 Post #10 |
Level 2
|
I Get it learn, very useful & helpful for me! |
Off
Profile |
Quote Top
|
| 1 user reading this topic (1 Guest and 0 Anonymous) | |
| « Previous Topic · Coding & Development · Next Topic » |
| Track Topic · E-mail Topic |
8:12 PM Jul 10
|
Powered by ZetaBoards Premium · Privacy Policy



Multi
Multi
I am currently involving myself more in the development stuff. When I get some more PHP knowledge, I will definitely want to see how you made this. Thanks for sharing!







8:12 PM Jul 10


Outline Live