[PHP] Login Tutorial / No Mysql / DarkCoder

My First tutorial on My New Series Of Php Tutorials.

http://www.youtube.com/watch?v=pbg4rfvW4WI

Discription:

Code:

---

Code: http://elitetactics.sytes.net/codes/index.php

Please rate and subscribe for more.
We would love it!

This is a php tutorial for people tpo login to a certain file or show a certain text.

%Tutorial
%PHP
%Html

---

Please Subscribe :)

very basic. should move to showcase

Hmm...very useful for beginners like me in PHP. I actually learnt a lot from this, thanks!

Pretty basic, also if you're passing stuff like passwords through a form, NEVER use get it's very unsafe. Use post instead.

Also, you're coding style is sloppy, it'll make your brain explode on big projects.

This is how I would code it:

PHP Code:

---

<form name='password' action="test1.php?" method="post">
Password: <input type="text" name="pass"><br />
<input type="submit" value="Go!">
<br /> </form>

<?php
$pass=$_POST['pass'];

if ($pass == "dark") {

      echo "Password Correct.";

}
?>

---

lol $_GET

What's wrong with $_GET?

/page.php?pass=thisismypweveryonecankindaread

tis s mush betta, not like you need md5 when you're not saving it anywhere though.

PHP Code:

---

$pass = md5(ahoj);
$post = md5($_POST['pass']);

if($pass == $post)
{
echo "ok";
}
else
{
echo "wrong password, you fail";
} 


---

Foxx123, what does "ahoj" equal?

it's czech hello .. hm and when I think about it, $pass = md5("ahoj");

Ahoj Foxx :)

Also, there are better ways of doing this, sessions etc. but good to learn the basics.

Quote:

---

Originally Posted by Foxx123

/page.php?pass=thisismypweveryonecankindaread

tis s mush betta, not like you need md5 when you're not saving it anywhere though.

PHP Code:

---

$pass = md5(ahoj);
$post = md5($_POST['pass']);

if($pass == $post)
{
echo "ok";
}
else
{
echo "wrong password, you fail";
} 


---

---

OK... but what's the

PHP Code:

---

$pass = md5(ahoj); 


---

there for?

That's the password, md5() is a php function which makes it encoded.

But it says the password is 'pass'?

nope, it says that the password is "ahoj",
in that guide he did

PHP Code:

---

if ($pass == "dark") { 


---

where "dark" is the password, i've only "stored" that password in a variable..
in his guide it would be

PHP Code:

---

$password = "dark";
if ($pass == $password) { 


---

Aaah, I didn't see that.

o.O thanks dark.. Can use md5 or $post. But only other people the will see it are other people on the computer unless someonmess remote veiwing it.

Thx a lot dude!

Quote:

---

Originally Posted by Foxx123

That's the password, md5() is a php function which makes it encoded.

---

A little correction it's not encoding, cause md5 algorithm is one way, sayin other way, once you crypt ( scramble ) something with and md5 you won't decrypt it back, cause md5 is partly random and so far no one provided and inverse algorithm. And no brute force method does not count as a decryption cause always i can manage so complicated password that with brute force method you won't break it and your grand children still won't see the results.

Quote:

---

Originally Posted by Pieman

Pretty basic, also if you're passing stuff like passwords through a form, NEVER use get it's very unsafe. Use post instead.

Also, you're coding style is sloppy, it'll make your brain explode on big projects.

This is how I would code it:

PHP Code:

---

<form name='password' action="test1.php?" method="post">
Password: <input type="text" name="pass"><br />
<input type="submit" value="Go!">
<br /> </form>

<?php
$pass=$_POST['pass'];

if ($pass == "dark") {

      echo "Password Correct.";

}
?>

---

---

Wouldn't it be:
Password:<input type="text" name="password" />

No. In PHP or any coding language for that matter it's important to make your code as compact as possible while maintaining readability. That's why you should always abbreviate words if possible.

Also, notice how I called the form "Pass" and that I use $_POST['pass'] to get the contents of the form.

It should've been

<input type="password" name="password" />

or

<input type="password" name="pass">

:P

yeah,, xD

and one thing i've never understood,, why do some people add a '?' at the end of the
'action' link?

It doesn't matter really, "?" Is used to separate the file name from variables that are being passed through an url. But in this case "post" is used so the variables aren't passed through the url. Thus it has no use.

Angry it's called GET method and it's an option to pass variables further.

Quote:

---

Originally Posted by Pieman

It doesn't matter really, "?" Is used to separate the file name from variables that are being passed through an url. But in this case "post" is used so the variables aren't passed through the url. Thus it has no use.

---

yeah,, thats why i've never understood it xD
since most of them have used it with a POST method

Quote:

---

Originally Posted by DanseMacabre

Angry it's called GET method and it's an option to pass variables further.

---

-.-'

Quote:

---

Originally Posted by AngryCat

yeah,, thats why i've never understood it xD
since most of them have used it with a POST method



-.-'

---

and you never pass anything with a get method umm ?

nope,, i've actually never used the get method :P

$_GET $_POST .. what the difference anyone experienced enough can still send false info to both of them. $_GET just make a bit easier ^^

I wanna say i used the type=text to show to viewer that the password was truly correct. And theirs nothing bad about the $_GET method, you can either delete your viewing history your make sure you don't got a backdoor.

Cause keyloggers could find any password out anyway.

I know php very well now, i just like to start viewers of a basic to a more of a expert stage.

Sorry if i look like a retard :punch: