Jump to content
xisto Community
Sign in to follow this  
doctor

Need Help: PHP Security - Login Script For Site security

Recommended Posts

Webmaster avex

 

I read this topic and i helps surely

 

I made a admin secure room

 

<?phpif( isset($_POST["login"])){	$query = mysql_query("select * from account where name='".$_POST["name"]."'");	$row = mysql_fetch_object($query);	$pass = md5($_POST["password"]);	if("password" == $row->password && $_POST["name"] == $row->name)	{		setcookie ("login", $_POST["name"],time()+3600*365);		echo "U bent ingelogt.";		echo "<META HTTP-EQUIV=\"REFRESH\" CONTENT=\"1; URL=?p=home\">";	}	else	{		echo "Error.";	}}?>

This is the login aera it calls simply the database

And sets a cookie when you are logged in and calls error when you are not registered!

 

<?phpif( isset($_POST["reg"]))	{		if($_POST["name"] != "" && $_POST["email"] != "" && $_POST["name1"] != "" && $_password != "")			{				$telgb = mysql_query("SELECT gebruikersnaam FROM account WHERE name='".$_POST["name"]."'") or die($error[1]);				$numgb = mysql_num_rows($telgb);				if($numgb == "1")				{					echo"<center>Account allready exists</center>";				}				else				{			   		if(!eregi("^[_a-z0-9-]+(.[_a-z0-9-]+)*@[a-z0-9-]+(.[a-z0-9-]+)*(.[a-z]{2,4})$", $_POST["email"]))			   			{							echo"<center>Error mail!</center>";	 					 } 						 else 							 {								if($password != $_POST["password2"])								{									echo "<center>Password are not the same</center>";								}								else								{									echo"<center>You are registered.</center>";									$pass= md5($password1);									mysql_query("insert into account (name1,name,password,idate,email) values ('".$_POST["naam"]."','".$_POST["gebruikersnaam"]."','".$password."','".date."','".$_POST["email"]."')") or die(mysql_error());								}							 }				}				}				else				{					echo "<center>Something is not ready.</center>";				}			}?>

This is the register account name

 

And this you must copy on each page you want to secure

<?php$query = mysql_query("select * from account where id='".$_GET["id"]."'");$row = mysql_fetch_object($query);$ex = mysql_num_rows($query);if($ex == "0"){	echo "Dit acountje bestaat niet.";	exit();}else{here your tabel }?>
After the else is your tabel when its a correct login

Share this post


Link to post
Share on other sites

i made a website with php.

after user enters username and password then i direct him to index.htm

Question:I want when unregistered user enter http://www.mysite.com/index.htm a message must be come that you must be login.

I wait your helps.

 

if (! successfully_logged_in($_POST['user'])) {

display_login_form();

exit;

} else {

 

session_start();

$_SESSION['user'] = $_POST['user'];

header("Location: http://forums.xisto.com/no_longer_exists/;);

 

}

Share this post


Link to post
Share on other sites

Dear AVEXI have a request for you. Would you please give me the database structure of the login script you have build? I want to build a CMS. I guess this code can help me in understand how things wotk.

Share this post


Link to post
Share on other sites

Security Log in

Need Help: PHP Security - Login Script For Site

 

How I can create security log in dialoge box.

I want only people that I let them visit my site and also manage them add baned and ... ??????

 

 

-reply by mk63

Share this post


Link to post
Share on other sites

sorry.. I didn't understand what you need.

How I can create security log in dialoge box.

? what is that :(maybe if you write a bit more clear, I am sure that I can help you.
Edited by Feelay (see edit history)

Share this post


Link to post
Share on other sites

May be Feedbacker require show a login dialog when a anonyomous user visit to their site.One they got auth, then, allowed to visit the site.If so, try check the cookies set before. If they exists then, allow users to access the member area.Otherwise, show the login dialog.

Share this post


Link to post
Share on other sites

i made a website with php.after user enters username and password then i direct him to index.htm
Question:I want when unregistered user enter http://www.mysite.com/index.htm a message must be come that you must be login.
I wait your helps.

well for instant, there is also a loggedin.php or somethinglike that, depends on what you display but if you go onto loggedin.php, you can change the redirect key to longer than it is. that also lets you have enough time to post your message at the front page when they log on and people would read it and then they can manually redirect them self or let it redirect. what do you have?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.