|
|
|
|
||||
|
Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
 |
|
|||||||
| Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed. |
|
|
Thread Tools |
12-08-2002, 02:18 PM
|
#1 |
|
So Fucking Banned
Join Date: Jan 2001
Location: http://www.thefly.net/ --- Quit your job and live off steady traffic.
Posts: 11,856
|
Password System and PHP Security Flaws?
I want to code a password protected user database, and I'm wondering if PHP would be sufficient and secure enough to use for the basic user interface and file access to the database records... I won't be using SQL, just flat text files.
I'm not really so worried about brute-force type hacking -- I'm more concerned about obvious security dangers that a lazy coder like myself might encounter... Pretty much I know basic stuff like limit the user input to only the most essential (no fancy characters allowed, etc.) -- but what are some other obvious mistakes? |
|
|
|
12-08-2002, 02:45 PM
|
#2 |
|
Confirmed User
Join Date: Jul 2002
Location: I Love Ixtapa, Mexico ö
Posts: 616
|
Its not as much of the programming langauge of choice, moreover, the person doing the coding. PHP is a robust enough langauge to do just about anything you could possibly imagine web related. You should however take a few minutes and learn the PHP - MySQL interface (its amazingly simple), and you will save yourself alot of headache and server load. If you are using in combination with .htaccess be sure to check out the $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] (mor einfo here : http://www.php.net/manual/en/reserved.variables.php), will make your life easier.
Rory  |
|
|
|
|
12-08-2002, 02:59 PM
|
#3 | |
|
So Fucking Banned
Join Date: Jan 2001
Location: http://www.thefly.net/ --- Quit your job and live off steady traffic.
Posts: 11,856
|
Quote:
 Maybe with MySQL my code may be a tiny bit shorter (I doubt it) or faster (probably, but speed is not a concern for my application)... I refuse to use MySQL or learn it when I don't really need it. All I need to do is write to files, read from files and search files... Why use MySQL for that? When you use flat text files, you can use simple text editors to do editing, deletions, etc... Also you can use grep to search your databases from the command line... |
|
|
|
|
|
12-08-2002, 03:17 PM
|
#4 |
|
Confirmed User
Industry Role:
Join Date: Dec 2001
Location: Portland, OR.
Posts: 6,034
|
Fly,
I would recommend php/mysql method. We use these on many stores, affiliate software, etc. with an easy admin back end, you can delete, edit, add, etc from any mysql dbase. Stable for millions of hits day, records, etc. Easy to back up via web backend admin, or via SSH / Telnet at the command line. peace
__________________
ICQ: 52344098 -------------------------------------- 50% Commissions on all Product Sales. http://www.wishing.com/money |
|
|
|
