php-顶级程序员

How can I create a secured "remember me" system using PHP?

I have a login system. How can I implement a secure remember me system using cookies. What value should I have to store in cookie username and password, but how I can secure it? define A Salt foreach user in db then on setting $expire_time = time() + 2 * 7 * 24 * 3600; // 2 weeks exp time setcookie( "rememberMe", crypt($username, $salt), $expire_time, '/' ); on validati

2018-06-07 02:54:45

我如何使用PHP创建一个安全的“记住我”系统？

我有一个登录系统。我如何使用cookie来实现安全的记住我系统。我应该使用cookie用户名和密码存储什么值，但我该如何保护它？然后在db中定义一个Salt foreach用户在设置 $expire_time = time() + 2 * 7 * 24 * 3600; // 2 weeks exp time setcookie( "rememberMe", crypt($username, $salt), $expire_time, '/' ); 在验证 $_COOKIE['rememberMe'] === crypt($username, $salt) 也许你可以创建一个

2018-06-07 02:54:44

PHP isn't processing some form fields

I recently created a PHP/MySQL comment system, and it was working until a few hours ago (no changes at all in the code). When I tell the submit form code to echo the query, it shows that the area for commenttext and date is missing. I don't see why. Here's my code: mysql_connect("localhost","commentUser","password"); mysql_select_db("comments"); $name = mysql_real_escape_string($_POS

2018-06-07 02:53:43

PHP不处理某些表单字段

我最近创建了一个PHP / MySQL评论系统，它直到几个小时前都在运行（代码中根本没有任何改变）。当我告诉提交表单代码以回显查询时，它显示缺少用于评论文本和日期的区域。我不明白为什么。这是我的代码： mysql_connect("localhost","commentUser","password"); mysql_select_db("comments"); $name = mysql_real_escape_string($_POST['name']); $postID = mysql_real_escape_string($_POST['postId']); if(!is_numeric(

2018-06-07 02:53:42

converting text to int from a form

am trying to fetch some data from a form, but i cant for some reason. here are some lines of my code. cellphone: <input type = "text" name = "cellphone"><br /> username : <input type = "text" name = "username"><br /> $cellphone = $_GET["cellphone"]; //$cellphone = int() $cellphone; $username= $_GET["username"]; $link = mysql_connect('myhost', 'myuser', 'myp

2018-06-07 02:52:41

将文本从表单转换为int

我试图从表单中获取一些数据，但我不能出于某种原因。这里是我的代码的一些行。 cellphone: <input type = "text" name = "cellphone"><br /> username : <input type = "text" name = "username"><br /> $cellphone = $_GET["cellphone"]; //$cellphone = int() $cellphone; $username= $_GET["username"]; $link = mysql_connect('myhost', 'myuser', 'mypass') or die("could not co

2018-06-07 02:52:40

Are there any security vulnerabilities in this PHP code?

I just got a site to manage, but am not too sure about the code the previous guy wrote. I'm pasting the login procedure below, could you have a look and tell me if there are any security vulnerabilities? At first glance, it seems like one could get in through SQL injection or manipulating cookies and the ?m= parameter. define ( 'CURRENT_TIME', time ()); / / Current time. define ( 'ONLIN

2018-06-07 02:51:39

这个PHP代码中是否有安全漏洞？

我刚刚有一个网站来管理，但我不太确定前面的人写的代码。我正在粘贴下面的登录程序，您能否看看并告诉我是否有任何安全漏洞？乍一看，似乎可以通过SQL注入或操作cookie和？m =参数进入。 define ( 'CURRENT_TIME', time ()); / / Current time. define ( 'ONLINE_TIME_MIN', (CURRENT_TIME - BOTNET_TIMEOUT)); / / Minimum time for the status of "Online". define ( 'DEFAULT_LANGUAGE', 'en'); / / Default languag

2018-06-07 02:51:39

How do I make a request using HTTP basic authentication with PHP curl?

I'm building a REST web service client in PHP and at the moment I'm using curl to make requests to the service. How do I use curl to make authenticated (http basic) requests? Do I have to add the headers myself? You want this: curl_setopt($process, CURLOPT_USERPWD, $username . ":" . $password); Zend has a REST client and zend_http_client and I'm sure PEAR has some sort of wra

2018-06-07 02:50:37

如何使用PHP curl使用HTTP基本身份验证进行请求？

我正在用PHP构建一个REST Web服务客户端，目前我正在使用curl向服务发出请求。我如何使用curl来进行身份验证（http基本）请求？我必须自己添加标题吗？你要这个： curl_setopt($process, CURLOPT_USERPWD, $username . ":" . $password); Zend有一个REST客户端和zend_http_client，我相信PEAR有某种包装。但它很容易做到你自己。所以整个请求可能看起来像这样： $process = curl_init($host); curl_setopt($pro

2018-06-07 02:50:36

Creating login page with a student ID mysql and php

i have created a login page where a student is able to register using username, password and email. I have created a table which contains all the students ID. So when a students registers they have to enter a correct ID which has to match the table in order for them to register. I was wondering how can i do this. I am using php and mysql. f(isset($_POST["submit"])){ `if(!empty($_POST['user']

2018-06-07 02:49:35

使用学生标识mysql和php创建登录页面

我创建了一个登录页面，学生可以使用用户名，密码和电子邮件进行注册。我创建了一个包含所有学生ID的表格。因此，当学生注册时，他们必须输入正确的ID，该ID必须与表匹配以便他们注册。我想知道我该如何做到这一点。我正在使用PHP和MySQL。 f(isset($_POST["submit"])){ `if(!empty($_POST['user']) && !empty($_POST['pass']) && !empty($_POST['email'])) { $user=$_POST['user']; $传= $ _ POST [

2018-06-07 02:49:35

Undefined Index When Declaring Variable

Why i'm getting undefined index when declaring variables? Currently using bootstrap. <?php mysql_connect("localhost", "root", "1234") or die(mysql_error()); mysql_select_db("newitems") or die(mysql_error()); $up = $_POST['update']; mysql_query("UPDATE announcements SET content = $up"); ?> Create an Announcement / Remind

2018-06-07 02:48:33

声明变量时未定义的索引

为什么在声明变量时我得到了未定义的索引？目前正在使用bootstrap。 <?php mysql_connect（“localhost”，“root”，“1234”）或die（mysql_error（））; mysql_select_db（“newitems”）或死（mysql_error（））; $ up = $ _POST ['update']; mysql_query（“更新公告SET内容= $ up”）; ？>创建公告/提醒： <div class="controls"> <textarea id="update" name="update"></text

2018-06-07 02:48:33

One MySQL Database & Multiple Table

How to connect to a certain table in MySQL database? I have tried : mysql_select_db("baybeestore",$connection); but it gives me an error :- "Error : Table 'baybeestore.form' doesn't exist" But I've created a table named as order . Are there any PHP codes to connect to my table order in the same database that have multiple databases? Is it wise enough to create multiple database & o

2018-06-07 02:47:31

一个MySQL数据库和多表

如何连接到MySQL数据库中的某个表？我努力了： mysql_select_db("baybeestore",$connection); 但它给了我一个错误： - "Error : Table 'baybeestore.form' doesn't exist" 但是我创建了一个名为order的表。在具有多个数据库的同一个数据库中是否有任何PHP代码连接到我的表order ？是否足够明智地为一个网站创建多个数据库和一个表格或使用一个数据库创建多个表格？完整代码： $connection = mysql_connect("local

2018-06-07 02:47:31

Updating mysql database through php with HTTP POST methods

It executes on application perfectly I double checked it. It sends all parameters properly and the problem is in php script it doesn't execute the query (update,delete) it execute the insert query properly. The php script works perfect with html form but I don't know where the problem is. Here is my php script: $mysql_host = "localhost"; $mysql_database = "locator"; $mysq

2018-06-07 02:46:29

使用HTTP POST方法通过php更新mysql数据库

它完全在应用程序上执行，我再次检查它。它正确地发送所有参数，问题是在PHP脚本它不执行查询（更新，删除）它正确执行插入查询。该PHP脚本完美的HTML形式，但我不知道问题在哪里。这是我的PHP脚本： $mysql_host = "localhost"; $mysql_database = "locator"; $mysql_user = "root"; $mysql_password = ""; mysql_connect($mysql_host,$mysql_user,$mysql_password) or die(mysql_error()); mys

2018-06-07 02:46:29

PHP MySQL database problem

Code 1: <?php class dbConnect { var $dbHost = 'localhost', $dbUser = 'root', $dbPass = '', $dbName = 'input_oop', $dbTable = 'users'; function __construct() { $dbc = mysql_connect($this->dbHost,$this->dbUser,$this->dbPass) or die ("Cannot connect to MySQL : " . mysql_error()); mysql_select_db($this->dbName) or die ("Database not Found : " . mysq

2018-06-07 02:44:25

PHP MySQL数据库问题

代码1： <?php class dbConnect { var $dbHost = 'localhost', $dbUser = 'root', $dbPass = '', $dbName = 'input_oop', $dbTable = 'users'; function __construct() { $dbc = mysql_connect($this->dbHost,$this->dbUser,$this->dbPass) or die ("Cannot connect to MySQL : " . mysql_error()); mysql_select_db($this->dbName) or die ("Database not Found : " . mysq

2018-06-07 02:44:23