I have a login system. How can I implement a secure remember me system using cookies. What value should I have to store in cookie username and password, but how I can secure it? define A Salt foreach user in db then on setting $expire_time = time() + 2 * 7 * 24 * 3600; // 2 weeks exp time setcookie( "rememberMe", crypt($username, $salt), $expire_time, '/' ); on validati
我有一个登录系统。 我如何使用cookie来实现安全的记住我系统。 我应该使用cookie用户名和密码存储什么值,但我该如何保护它? 然后在db中定义一个Salt foreach用户 在设置 $expire_time = time() + 2 * 7 * 24 * 3600; // 2 weeks exp time setcookie( "rememberMe", crypt($username, $salt), $expire_time, '/' ); 在验证 $_COOKIE['rememberMe'] === crypt($username, $salt) 也许你可以创建一个
I recently created a PHP/MySQL comment system, and it was working until a few hours ago (no changes at all in the code). When I tell the submit form code to echo the query, it shows that the area for commenttext and date is missing. I don't see why. Here's my code: mysql_connect("localhost","commentUser","password"); mysql_select_db("comments"); $name = mysql_real_escape_string($_POS
我最近创建了一个PHP / MySQL评论系统,它直到几个小时前都在运行(代码中根本没有任何改变)。 当我告诉提交表单代码以回显查询时,它显示缺少用于评论文本和日期的区域。 我不明白为什么。 这是我的代码: mysql_connect("localhost","commentUser","password"); mysql_select_db("comments"); $name = mysql_real_escape_string($_POST['name']); $postID = mysql_real_escape_string($_POST['postId']); if(!is_numeric(
am trying to fetch some data from a form, but i cant for some reason. here are some lines of my code. cellphone: <input type = "text" name = "cellphone"><br /> username : <input type = "text" name = "username"><br /> $cellphone = $_GET["cellphone"]; //$cellphone = int() $cellphone; $username= $_GET["username"]; $link = mysql_connect('myhost', 'myuser', 'myp
我试图从表单中获取一些数据,但我不能出于某种原因。 这里是我的代码的一些行。 cellphone: <input type = "text" name = "cellphone"><br /> username : <input type = "text" name = "username"><br /> $cellphone = $_GET["cellphone"]; //$cellphone = int() $cellphone; $username= $_GET["username"]; $link = mysql_connect('myhost', 'myuser', 'mypass') or die("could not co
I just got a site to manage, but am not too sure about the code the previous guy wrote. I'm pasting the login procedure below, could you have a look and tell me if there are any security vulnerabilities? At first glance, it seems like one could get in through SQL injection or manipulating cookies and the ?m= parameter. define ( 'CURRENT_TIME', time ()); / / Current time. define ( 'ONLIN
我刚刚有一个网站来管理,但我不太确定前面的人写的代码。 我正在粘贴下面的登录程序,您能否看看并告诉我是否有任何安全漏洞? 乍一看,似乎可以通过SQL注入或操作cookie和?m =参数进入。 define ( 'CURRENT_TIME', time ()); / / Current time. define ( 'ONLINE_TIME_MIN', (CURRENT_TIME - BOTNET_TIMEOUT)); / / Minimum time for the status of "Online". define ( 'DEFAULT_LANGUAGE', 'en'); / / Default languag
I'm building a REST web service client in PHP and at the moment I'm using curl to make requests to the service. How do I use curl to make authenticated (http basic) requests? Do I have to add the headers myself? You want this: curl_setopt($process, CURLOPT_USERPWD, $username . ":" . $password); Zend has a REST client and zend_http_client and I'm sure PEAR has some sort of wra
我正在用PHP构建一个REST Web服务客户端,目前我正在使用curl向服务发出请求。 我如何使用curl来进行身份验证(http基本)请求? 我必须自己添加标题吗? 你要这个: curl_setopt($process, CURLOPT_USERPWD, $username . ":" . $password); Zend有一个REST客户端和zend_http_client,我相信PEAR有某种包装。 但它很容易做到你自己。 所以整个请求可能看起来像这样: $process = curl_init($host); curl_setopt($pro
i have created a login page where a student is able to register using username, password and email. I have created a table which contains all the students ID. So when a students registers they have to enter a correct ID which has to match the table in order for them to register. I was wondering how can i do this. I am using php and mysql. f(isset($_POST["submit"])){ `if(!empty($_POST['user']
我创建了一个登录页面,学生可以使用用户名,密码和电子邮件进行注册。 我创建了一个包含所有学生ID的表格。 因此,当学生注册时,他们必须输入正确的ID,该ID必须与表匹配以便他们注册。 我想知道我该如何做到这一点。 我正在使用PHP和MySQL。 f(isset($_POST["submit"])){ `if(!empty($_POST['user']) && !empty($_POST['pass']) && !empty($_POST['email'])) { $user=$_POST['user']; $传= $ _ POST [
Why i'm getting undefined index when declaring variables? Currently using bootstrap. <?php mysql_connect("localhost", "root", "1234") or die(mysql_error()); mysql_select_db("newitems") or die(mysql_error()); $up = $_POST['update']; mysql_query("UPDATE announcements SET content = $up"); ?> Create an Announcement / Remind
为什么在声明变量时我得到了未定义的索引? 目前正在使用bootstrap。 <?php mysql_connect(“localhost”,“root”,“1234”)或die(mysql_error()); mysql_select_db(“newitems”)或死(mysql_error()); $ up = $ _POST ['update']; mysql_query(“更新公告SET内容= $ up”); ?>创建公告/提醒: <div class="controls"> <textarea id="update" name="update"></text
How to connect to a certain table in MySQL database? I have tried : mysql_select_db("baybeestore",$connection); but it gives me an error :- "Error : Table 'baybeestore.form' doesn't exist" But I've created a table named as order . Are there any PHP codes to connect to my table order in the same database that have multiple databases? Is it wise enough to create multiple database & o
如何连接到MySQL数据库中的某个表? 我努力了 : mysql_select_db("baybeestore",$connection); 但它给了我一个错误: - "Error : Table 'baybeestore.form' doesn't exist" 但是我创建了一个名为order的表。 在具有多个数据库的同一个数据库中是否有任何PHP代码连接到我的表order ? 是否足够明智地为一个网站创建多个数据库和一个表格或使用一个数据库创建多个表格? 完整代码: $connection = mysql_connect("local
It executes on application perfectly I double checked it. It sends all parameters properly and the problem is in php script it doesn't execute the query (update,delete) it execute the insert query properly. The php script works perfect with html form but I don't know where the problem is. Here is my php script: $mysql_host = "localhost"; $mysql_database = "locator"; $mysq
它完全在应用程序上执行,我再次检查它。 它正确地发送所有参数,问题是在PHP脚本它不执行查询(更新,删除)它正确执行插入查询。 该PHP脚本完美的HTML形式,但我不知道问题在哪里。 这是我的PHP脚本: $mysql_host = "localhost"; $mysql_database = "locator"; $mysql_user = "root"; $mysql_password = ""; mysql_connect($mysql_host,$mysql_user,$mysql_password) or die(mysql_error()); mys
Code 1: <?php class dbConnect { var $dbHost = 'localhost', $dbUser = 'root', $dbPass = '', $dbName = 'input_oop', $dbTable = 'users'; function __construct() { $dbc = mysql_connect($this->dbHost,$this->dbUser,$this->dbPass) or die ("Cannot connect to MySQL : " . mysql_error()); mysql_select_db($this->dbName) or die ("Database not Found : " . mysq
代码1: <?php class dbConnect { var $dbHost = 'localhost', $dbUser = 'root', $dbPass = '', $dbName = 'input_oop', $dbTable = 'users'; function __construct() { $dbc = mysql_connect($this->dbHost,$this->dbUser,$this->dbPass) or die ("Cannot connect to MySQL : " . mysql_error()); mysql_select_db($this->dbName) or die ("Database not Found : " . mysq