GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   PHP Programmers SPAM Me! (https://gfy.com/showthread.php?t=397414)

SinSational 12-02-2004 07:26 PM
PHP Programmers SPAM Me!
 
i have a customer that has some php code written but it is pretty sloppy. basically it uses a mysql db to authenticate a username and password. if the username and password are in the DB then it takes them to the members are (which is in a frame) and if not then it takes them to an error page. some people are having trouble getting to the frame and bounces them back to the login screen. Norton Internet Securities privacy feature has been one of the problems (when turning it off people can get in fine), and Mac user's are having trouble with the frames.

basically they are looking for the code to be altered without using frames to get to the members area, but at the same time it has to be protected.

if you know of how to possibly solve this and can do the work, then please email me at chris (a.t.) atcihosting (d.o.t) com with what you think may work and your cost. i can also give you some more details to how it works. please do not icq me because it is too hard to keep track of who quoted me what price etc.

thanks

Juicy D. Links 12-02-2004 09:25 PM
http://www.gl4l.com/images/hgl1.jpg

SinSational 12-03-2004 06:27 AM
i heard juicy knew everything.....i didn't think php though.

pornpf69 12-03-2004 06:45 AM
...if I were not on 2 other projects I would hit you up....

Jennie 12-03-2004 07:17 AM
Hit me up !!! :)

Thanks..

foxylady 12-03-2004 07:47 AM
mail sent, you could check your mail now.

thanks :Graucho :Graucho :Graucho

raymor 12-03-2004 10:42 AM
Strongbox, next generation security system,
can authenticate against a MySQL database.
After 5 years of development, Strongbox is going
to be much more robust and effective then anything
a PHP scripter is going to whip out for you this week.

s9ann0 12-03-2004 10:51 AM
three words for you:

mod auth mysql

seven 12-03-2004 11:01 AM
Quote:
Originally posted by raymor
Strongbox, next generation security system,
can authenticate against a MySQL database.
After 5 years of development, Strongbox is going
to be much more robust and effective then anything
a PHP scripter is going to whip out for you this week.
Exactly what I was thinking, why not get a real pass script?

Got strongbox yesterday on 1 site, like it already :thumbsup getting ready to have it on a 2nd site :)

SinSational 12-03-2004 11:29 AM
Quote:
Originally posted by raymor
Strongbox, next generation security system,
can authenticate against a MySQL database.
After 5 years of development, Strongbox is going
to be much more robust and effective then anything
a PHP scripter is going to whip out for you this week.
looks good, but can it be integrated with a PIN system? the current set up works like this:
people redeem a PIN # and create a user/pass at this time.
the user/pass is datestamped and allows unlimited access for 1, 10, 30 days etc.
when they redeem the PIN the above info is inserted in to the table.
the fields in the table are pin, username, password, days valid, pin reedeem date, pin expire date.
every time they go to login, the user/pass is validated against the table. if it is still valid it takes them to the members area page, if not it takes them to an error page and deletes the expired record from the table

s9ann0 12-03-2004 12:49 PM
Quote:
Originally posted by SinSational
looks good, but can it be integrated with a PIN system? the current set up works like this:
people redeem a PIN # and create a user/pass at this time.
the user/pass is datestamped and allows unlimited access for 1, 10, 30 days etc.
when they redeem the PIN the above info is inserted in to the table.
the fields in the table are pin, username, password, days valid, pin reedeem date, pin expire date.
every time they go to login, the user/pass is validated against the table. if it is still valid it takes them to the members area page, if not it takes them to an error page and deletes the expired record from the table

why not use mod auth mysql and use basic auth (some might call this.htaccess password) and have a perl script or something on a crontab run daily to cancel users that expired

it would take like an hour to setup

Varius 12-03-2004 01:23 PM
First, make your pages you want protected include a .inc that does the following:

PHP Code:
if (!isset($_SERVER['PHP_AUTH_USER'])) {
    $page $PHP_SELF;
    header("Location: /login.php?URL=".$page);
    exit();

Then have the page login.php do this:

PHP Code:
if (!isset($_SERVER['PHP_AUTH_USER'])) {
    authenticate();
}
else {
   $sock = -open your db connection-

    $sql "SELECT    id
            FROM      users_table
            WHERE     username='".$_SERVER['PHP_AUTH_USER']."'
            AND       password=PASSWORD('".$_SERVER['PHP_AUTH_PW']."')";
    $res mysql_query($sql,$sock);
    if(mysql_numrows($res)hahahaha0) {
        authenticate();
    }
    else {
        header("Location: ".$URL);
        exit();
    }
}

function authenticate() {
    header("WWW-Authenticate: Basic realm=\"Member's Area\"");
    header("HTTP/1.0 401 Unauthorized");
    header("Location: [url]http://whatever.com/error.page[/url]");
    exit;

What this will do, i any page they try and access thats protected, if they arent logged in it will popup the auth box. If they login properly, they will be redirected back to the page they were trying to access.

If they get it wrong few times, they will be redirected to your error page.

Fast, easy, no frames or modules needed.

Also allows you room for customization, for example when they do login successfully, you could update user_last_login in the database, or things like that....

Enjoy :)

pornpf69 12-03-2004 03:16 PM
Quote:
Originally posted by Varius
First, make your pages you want protected include a .inc that does the following:

PHP Code:
if (!isset($_SERVER['PHP_AUTH_USER'])) {
    $page $PHP_SELF;
    header("Location: /login.php?URL=".$page);
    exit();

Then have the page login.php do this:

PHP Code:
if (!isset($_SERVER['PHP_AUTH_USER'])) {
    authenticate();
}
else {
   $sock = -open your db connection-

    $sql "SELECT    id
            FROM      users_table
            WHERE     username='".$_SERVER['PHP_AUTH_USER']."'
            AND       password=PASSWORD('".$_SERVER['PHP_AUTH_PW']."')";
    $res mysql_query($sql,$sock);
    if(mysql_numrows($res)hahahaha0) {
        authenticate();
    }
    else {
        header("Location: ".$URL);
        exit();
    }
}

function authenticate() {
    header("WWW-Authenticate: Basic realm=\"Member's Area\"");
    header("HTTP/1.0 401 Unauthorized");
    header("Location: [url]http://whatever.com/error.page[/url]");
    exit;

What this will do, i any page they try and access thats protected, if they arent logged in it will popup the auth box. If they login properly, they will be redirected back to the page they were trying to access.

If they get it wrong few times, they will be redirected to your error page.

Fast, easy, no frames or modules needed.

Also allows you room for customization, for example when they do login successfully, you could update user_last_login in the database, or things like that....

Enjoy :)
this wont work as you have forgot to open the '{' after the if and after the else....

aSStig 12-03-2004 03:20 PM
we could help you on that . . . .

sent an email, do check it out . . .

Varius 12-03-2004 04:11 PM
Quote:
Originally posted by pornpf69
this wont work as you have forgot to open the '{' after the if and after the else....
Where?

I put the open squiggly bracket in there its just it seems to get replaced by haha123 and the double = sign gets replaced by hahahaha :)

Varius 12-03-2004 04:13 PM
Quote:
Originally posted by Varius
Where?

I put the open squiggly bracket in there its just it seems to get replaced by haha123 and the double = sign gets replaced by hahahaha :)
also damn board automatically parse the url (cuz i forgot to uncheck that box) in my header() and stuck a href tags on it...which shouldnt be there :BangBang:

SinSational 12-03-2004 05:04 PM
thanks varius, i'll have to look in to this a bit more.


All times are GMT -7. The time now is 02:03 AM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123