Walkthrough One - PHP User Authentication
Posted by 77553055
February 21, 2012 12:38AM | Registered: 1 year ago Posts: 132 |
completed this section and I want to notify you mates that the code for a more secured password should be:
This is because passwords needs to be secured and the second code renders it in an unsecured manner.Language: HTML<INPUT TYPE = 'password' Name ='password' value="<?PHP print $pword;?>" maxlength="16"> not <INPUT TYPE = 'TEXT' Name ='password' value="<?PHP print $pword;?>" maxlength="16">
|
Re: Walkthrough One - PHP User Authentication February 25, 2012 04:20PM | Registered: 1 year ago Posts: 115 |
February 25, 2012 09:10PM | Registered: 1 year ago Posts: 132 |
|
Re: Walkthrough One - PHP User Authentication March 02, 2012 04:09PM | Registered: 1 year ago Posts: 88 |
|
Re: Walkthrough One - PHP User Authentication March 02, 2012 10:34PM | Registered: 1 year ago Posts: 36 |
|
Re: Walkthrough One - PHP User Authentication March 02, 2012 11:53PM | Registered: 1 year ago Posts: 31 |
|
Re: Walkthrough One - PHP User Authentication March 03, 2012 12:08PM | Registered: 1 year ago Posts: 64 |
March 06, 2012 03:08PM | Registered: 1 year ago Posts: 41 |
|
Re: Walkthrough One - PHP User Authentication March 12, 2012 10:39AM | Registered: 2 years ago Posts: 165 |
|
Re: Walkthrough One - PHP User Authentication March 20, 2012 08:50PM | Registered: 1 year ago Posts: 37 |
|
Re: Walkthrough One - PHP User Authentication March 22, 2012 10:33AM | Registered: 1 year ago Posts: 35 |
|
Re: Walkthrough One - PHP User Authentication March 26, 2012 01:20PM | Registered: 1 year ago Posts: 55 |
|
Re: Walkthrough One - PHP User Authentication March 26, 2012 11:19PM | Registered: 1 year ago Posts: 100 |
|
Re: Walkthrough One - PHP User Authentication March 26, 2012 11:42PM | Registered: 1 year ago Posts: 100 |
One way of sanitising input is typecasting. Taking a SQL example, allowing the users to specify an offset to display data. In a query something like this:
We could use the same function as before to sanitise this $_GET variable, but it is more appropriate to use typecasting to force it to be an integer. We can do this using intval() taking a variable and returning its value as an integer. So, a string "14" will become the number 14, and any input that is not numeric will become 0, making the input safe to work with.
Language: PHP<?php // code... $sql = 'SELECT id,title FROM news LIMIT '.$_GET['offset'].',10'; $result = mysql_query($sql); // more code... ?>
We could use the same function as before to sanitise this $_GET variable, but it is more appropriate to use typecasting to force it to be an integer. We can do this using intval() taking a variable and returning its value as an integer. So, a string "14" will become the number 14, and any input that is not numeric will become 0, making the input safe to work with.
Language: PHP<?php // code... $sql = 'SELECT id,title FROM news LIMIT '.intval($_GET['offset']).',10'; // sanitised input $result = mysql_query($sql); // more code... ?>
|
Re: Walkthrough One - PHP User Authentication March 27, 2012 08:46AM | Registered: 1 year ago Posts: 100 |
A PHP class that allows validation of email addresses via SMTP.
Email Syntax can check whether an email address has a valid format, however, in order to check if the email address actually exists, you will have to query the email domain for the existence of the email address.
The PHP class encapsulates the SMTP, between the remote domain, as well as the DNS lookup for the Mail Transfer Agent (MTA) responsible for that domain.
The class can take a number of email addresses, and return whether they are valid or not. It will group together emails with the same domain, and create a single SMTP connection to the MTA for those emails for efficiency.
This class is meant to be a secondary validation of an email address after the email syntax is validated. It can also provide intermediate email validation before sending a confirmation email to the email address, which does not provide user feedback if the email is invalid - and thus loss of users.
Email Syntax can check whether an email address has a valid format, however, in order to check if the email address actually exists, you will have to query the email domain for the existence of the email address.
The PHP class encapsulates the SMTP, between the remote domain, as well as the DNS lookup for the Mail Transfer Agent (MTA) responsible for that domain.
The class can take a number of email addresses, and return whether they are valid or not. It will group together emails with the same domain, and create a single SMTP connection to the MTA for those emails for efficiency.
This class is meant to be a secondary validation of an email address after the email syntax is validated. It can also provide intermediate email validation before sending a confirmation email to the email address, which does not provide user feedback if the email is invalid - and thus loss of users.
|
Re: Walkthrough One - PHP User Authentication March 27, 2012 08:59AM | Registered: 1 year ago Posts: 100 |
Example of the above to validate a single email address:
Language: PHP// include SMTP Email Validation Class require_once('smtp_validateEmail.class.php'); // the email to validate $email = 'user@example.com'; // an optional sender $sender = 'user@mydomain.com'; // instantiate the class $SMTP_Validator = new SMTP_validateEmail(); // turn on debugging if you want to view the SMTP transaction $SMTP_Validator->debug = true; // do the validation $results = $SMTP_Validator->validate(array($email), $sender); // view results echo $email.' is '.($results[$email] ? 'valid' : 'invalid')."\n"; // send email? if ($results[$email]) { //mail ($email, 'Confirm Email', 'Please reply to this email to confirm', 'From:'.$sender."\r\n"); // send email } else { echo 'The email addresses you entered is not valid'; }
|
Re: Walkthrough One - PHP User Authentication March 27, 2012 09:04AM | Registered: 1 year ago Posts: 100 |
An example to validate multiple email addresses:
Language: PHP// include SMTP Email Validation Class require_once('smtp_validateEmail.class.php'); // the email to validate $emails = array('user@example.com', 'user2@example.com'); // an optional sender $sender = 'user@yourdomain.com'; // instantiate the class $SMTP_Validator = new SMTP_validateEmail(); // turn on debugging if you want to view the SMTP transaction $SMTP_Validator->debug = true; // do the validation $results = $SMTP_Validator->validate($emails, $sender); // view results. foreach($results as $email=>$result) { // send email? if ($result) { //mail($email, 'Confirm Email', 'Please reply to this email to confirm', 'From:'.$sender."\r\n"); // send email } else { echo 'The email address '. $email.' is not valid'; } }
|
Re: Walkthrough One - PHP User Authentication April 09, 2012 07:25PM | Registered: 1 year ago Posts: 18 |
|
Re: Walkthrough One - PHP User Authentication April 24, 2012 10:08PM | Registered: 1 year ago Posts: 29 |
|
Re: Walkthrough One - PHP User Authentication May 10, 2012 10:41PM | Registered: 1 year ago Posts: 41 |
That's really interesting to know how to validate an e-mail address by validating the domain.
I've worked on basic web sites before, and the php course is by far the most advanced I've gone on computer courses.
i'm really keen to learn a lot more.
I've completed this section, and some parts of the coding i found are more difficult to remember than to understand.
Thanks for the examples, it's giving me quite a lot of insight of certain factors to take note of.
I've worked on basic web sites before, and the php course is by far the most advanced I've gone on computer courses.
i'm really keen to learn a lot more.
I've completed this section, and some parts of the coding i found are more difficult to remember than to understand.
Thanks for the examples, it's giving me quite a lot of insight of certain factors to take note of.
Sorry, you do not have permission to post/reply in this forum.