I didn't check the code, but do you have MD5 and Sha1 encryption?
Printable View
I didn't check the code, but do you have MD5 and Sha1 encryption?
Your code just plain looks disgusting. The fact that you refuse to improve it, especially with s-p-n's suggestions, worries me.
Can you please tell me where you learned to code, so that I can personally not recommend it to anyone else? Thanks.
At the very least, please learn about capitalization, and when you should and should not use it. I don't think that I've ever seen }Else{ used, until now. You are lucky that PHP is very lenient in regards to capitalization, but that doesn't mean it is good practice, and it just plain makes your code look ugly.
Also, Sha512 > MD5. And there is little to no reason not to hash the password. Just use MySQL's password function.
this.Quote:
Originally Posted by timebomb
The reason for posting stuff here is to improve on yourself when criticism is made. I'd highly suggest following s-p-n's advice instead of ignoring it.
I guess it depends on how you look at it. Anyways, I was just throwing some ideas out there. I gave you a quick idea, not a complete authorization/ranking system, but clearly you posted this so you could defend your code from every single post and be closed minded? Off to somewhere more productive now; not trying to start a flame war, bye.Quote:
Originally Posted by XCON
You may want to reconsider your secure() function.
I am almost certain that if you throw CHAR() at it, when it connects to the database, both add_slashes() and htmlspecialchars() do nothing to the command, so you are open to abuse of some sort.