well,what is the problem with these manuals :) ?
google these ones:
security exploits that are SQL injection, Cross Site Scripting(xss) and
Cross Site Request Forgery
many security issues you can find
also
for your code problems try this site:
stackoverflow.com
previous times when I had thes
lol wow ok thanks, Im very new to coding, started html about 2 months ago, so ty for letting me know the security of the language! is there any place where i can read (other than the php manual), about a tutorial on security?On Aug 04, 2011, at 10:49 PM, Negin Nickparsa wrote:it is better to use t
On 8/5/2011 9:49 PM, wil prim wrote:
Ok so I have tried to create a sort of messaging system on my website and I have
run into some problems storing who the message is from, ill try to take you
through step by step what I am trying to do.
*step #1 *(messages.php):<--This is where the member w
it is better to use this one:
http://www.php.net/mysql_real_escape_string
if you don't use this by inputting just a qoute or this input '--'
a hacker can easily hack your syntax
in another steps your site will send a message like:
error in mysql on this line lob lob ..
in this part he will fin
I think Ill just use the better secured one, thanks!On Aug 04, 2011, at 10:41 PM, Negin Nickparsa wrote:or if you want to do this risky and none secure thing try this:$query="select * from members where user='"$_POST['user']."'and pass=password('$pas')";
well first you must check errors in mysql
t
well I wonder!
with error syntaxes now it is working? or without them?
or if you want to do this risky and none secure thing try this:
$query="select * from members where user='".$_POST['user']."'and
pass=password('$pas')";
well first you must check errors in mysql
then storing in session
also it is better to use:
$user=mysql_real_escape_string($_POST['user']);
th
k<pholbro...@gmail.com>
Subject: [PHP] Sending a message
Ok so I have tried to create a sort of messaging system on my website and I have run into some problems storing who the message is from, ill try to take you through step by step what I am trying to do.
step #1 (messages.php): <--This is
To: PHP MAILINGLIST; Philly
Holbrook
Subject: [PHP] Sending a message
Ok so I have tried to create a sort of messaging system on my website and I
have run into some problems storing who the message is from, ill try to take
you through step by step what I am trying to do.
step #1 (messages.php
well,sorry change it to password=$pass (better)
also check your errors by php yourpage.php
it is more better to not stock in errors like this one
in this line password='$_POST[pass]'";
you have error change it to password='$_POST['pass']'";
did you set the
?
This is the login.php which checks the form on the login page.session_start();include('connect.php');$user=$_POST['user'];$pass=$_POST['pass'];$sql="SELECT * FROM members WHERE username='$_POST[user]' and password='$_POST[pass]'";$result=mysql_query($sql, $con);$count=mysql_num_rows($result);if ($c
you must check setting your session with this one:
if(isset($_SESSION['user']))
{
// Identifying the user
$user = $_SESSION['user'];
// Information for the user.
}
tell me what you have done in login page?
Well my problem is when i click submit, the $_SESSION['user'] ('from' part of the table in my db) is blank, so im guessing the $_SESSION variable didnt pass through. On Aug 04, 2011, at 10:11 PM, Negin Nickparsa wrote:in previous pages you must have a login page and in login page you must
store th
in previous pages you must have a login page and in login page you must
store the username and then in next steps you have username in
$_SESSION['user']
now if it is not your problem then what is the problem?
Ok so I have tried to create a sort of messaging system on my website and I have run into some problems storing who the message is from, ill try to take you through step by step what I am trying to do.step #1 (messages.php): <--This is where the member will view the recent messages that have been p
17 matches
Mail list logo
