[PHP] Login Tutorial / No Mysql / DarkCoder

[Virtue~]

o.O thanks dark.. Can use md5 or $post. But only other people the will see it are other people on the computer unless someonmess remote veiwing it.

[GunZha]

Thx a lot dude!

[danse]

That's the password, md5() is a php function which makes it encoded.

A little correction it's not encoding, cause md5 algorithm is one way, sayin other way, once you crypt ( scramble ) something with and md5 you won't decrypt it back, cause md5 is partly random and so far no one provided and inverse algorithm. And no brute force method does not count as a decryption cause always i can manage so complicated password that with brute force method you won't break it and your grand children still won't see the results.

[Hidden]

Pretty basic, also if you're passing stuff like passwords through a form, NEVER use get it's very unsafe. Use post instead.

Also, you're coding style is sloppy, it'll make your brain explode on big projects.

This is how I would code it:

PHP Code:

<form name='password' action="test1.php?" method="post">
Password: <input type="text" name="pass"><br />
<input type="submit" value="Go!">
<br /> </form>

<?php
$pass=$_POST['pass'];

if ($pass == "dark") {

      echo "Password Correct.";

}
?>

Wouldn't it be:
Password:<input type="text" name="password" />

[Pieman]

No. In PHP or any coding language for that matter it's important to make your code as compact as possible while maintaining readability. That's why you should always abbreviate words if possible.

Also, notice how I called the form "Pass" and that I use $_POST['pass'] to get the contents of the form.

[Daevius]

It should've been

<input type="password" name="password" />

or

<input type="password" name="pass">

:P

[AngryCat]

yeah,, xD

and one thing i've never understood,, why do some people add a '?' at the end of the
'action' link?

[Pieman]

It doesn't matter really, "?" Is used to separate the file name from variables that are being passed through an url. But in this case "post" is used so the variables aren't passed through the url. Thus it has no use.

[danse]

Angry it's called GET method and it's an option to pass variables further.

[AngryCat]

It doesn't matter really, "?" Is used to separate the file name from variables that are being passed through an url. But in this case "post" is used so the variables aren't passed through the url. Thus it has no use.

yeah,, thats why i've never understood it xD
since most of them have used it with a POST method

Angry it's called GET method and it's an option to pass variables further.

-.-'

[danse]

yeah,, thats why i've never understood it xD
since most of them have used it with a POST method



-.-'

and you never pass anything with a get method umm ?

[AngryCat]

nope,, i've actually never used the get method :P

[john_d]

$_GET $_POST .. what the difference anyone experienced enough can still send false info to both of them. $_GET just make a bit easier ^^

[Virtue~]

I wanna say i used the type=text to show to viewer that the password was truly correct. And theirs nothing bad about the $_GET method, you can either delete your viewing history your make sure you don't got a backdoor.

Cause keyloggers could find any password out anyway.

I know php very well now, i just like to start viewers of a basic to a more of a expert stage.

Sorry if i look like a retard :punch: