Web Design Forum: Shaun Childerley - Viewing Profile - Web Design Forum

Jump to content

WDF
WDF Premium Memberships Reseller Hosting

Shaun Childerley's Profile User Rating: ***--

Shaun Childerley's Photo
Reputation: 59 Excellent
Group:
Platinum Membership
Active Posts:
863 (0.96 per day)
Joined:
04-December 09
Profile Views:
9,737
Last Active:
User is offline Feb 19 2012 08:31 PM
Currently:
Offline

My Information

Member Title:
Expert
Age:
21 years old
Birthday:
October 14, 1990
Gender:
Not Telling Not Telling

Contact Information

E-mail:
Click here to e-mail me

Users Experience

Experience:
Nothing
Area of Expertise:
Nothing

Latest Visitors

  1. Recent Status Updates
  2. About Me
  3. Topics
  4. Posts
  5. Blog
  6. Gallery
  7. Awards
  8. Files

Posts I've Made

  1. In Topic: php help :)

    18 August 2011 - 01:06 AM

    View Postwebdesigner93, on 18 August 2011 - 12:59 AM, said:

    www.flashbuilding.com is not his site


    Good, At least we know the owner of that website is an utter idiot.

  2. In Topic: Change password form

    18 August 2011 - 12:59 AM

    View Postwebdesigner93, on 18 August 2011 - 12:57 AM, said:

    um no thats how majoyity of sites do it these days thats why they have captchas creating random passwords is more of a headach unless its for password recovery due to the fact they have to copy and paste the generated pass to login then go and change there password, makes no since


    Sorry, May have a misunderstanding, I have got the impression that you are setting a random password within the actual HTML form.

    Quote

    <form>
    <input type="password" value="<?php random(); ?>" />
    </form>

  3. In Topic: php help :)

    18 August 2011 - 12:55 AM

    View Postkingy da killa, on 17 August 2011 - 11:16 AM, said:

    http://www.bkwebdesi....co.uk/project/

    please check out that link

    sign up, and then go to log in,

    when you log in, you get an error,

    however,

    if you go back to homeepage you are loggd in ok!

    so must be something wrong with this 
    <?php
/* 
Created By Adam Khoury @ www.flashbuilding.com 
-----------------------June 20, 2008----------------------- 
*/
if ($_POST['email']) {
//Connect to the database through our include 
include_once "connect_to_mysql.php";
$email = stripslashes($_POST['email']);
$email = strip_tags($email);
$email = mysql_real_escape_string($email);
$password = ereg_replace("[^A-Za-z0-9]", "", $_POST['password']); // filter everything but numbers and letters
$password = md5($password);
// Make query and then register all database data that -
// cannot be changed by member into SESSION variables.
// Data that you want member to be able to change -
// should never be set into a SESSION variable.
$sql = mysql_query("SELECT * FROM members WHERE email='$email' AND password='$password' AND emailactivated='1'"); 
$login_check = mysql_num_rows($sql);
if($login_check > 0){ 
    while($row = mysql_fetch_array($sql)){ 
        // Get member ID into a session variable
        $id = $row["id"];   
        session_register('id'); 
        $_SESSION['id'] = $id;
        // Get member username into a session variable
	    $username = $row["username"];   
        session_register('username'); 
        $_SESSION['username'] = $username;
        // Update last_log_date field for this member now
        mysql_query("UPDATE members SET lastlogin=now() WHERE id='$id'"); 
        // Print success message here if all went well then exit the script
		header("location: index.php"); 
		exit();
    } // close while
} else {
// Print login failure message to the user and link them back to your login page
  print '<br /><br /><font color="#FF0000">No match in our records, try again </font><br />
<br /><a href="login.php">Click here</a> to go back to the login page.';
  exit();
}
}// close if post
?>


    help please +1s :)

    once this bit is done, i can code this into a template, then create an admin section for a client to check all the customers who have signed up and stuff.

    gunna be a wicked project for me once finished woo :)


    Just a side note, You posted this script on behalf of "www.flashbuilding.com", If you use this, I now know how to hijack the sessions.

    You created yourself another security risk posting the domain name and not only that, People on Google will also see.

  4. In Topic: Change password form

    18 August 2011 - 12:52 AM

    View Postwebdesigner93, on 18 August 2011 - 12:00 AM, said:

    yes just create a password field on ur registration page,sha1 or md5 the password then insert into mysql


    This would be a bad example for the reason that a robot could easily set its own password and use it to login therefore defeating the point of having a random password.

    Use the script provided above or your own and as the registration is processed, generate the password within the php and store it in your password column.

  5. In Topic: Change password form

    18 August 2011 - 12:47 AM

    View Postvernz, on 17 August 2011 - 10:33 PM, said:

    hey all

    making progress with my site thanks for the help :)

    come across another issue, at the moment my regisration form creates a random p.w and emails it to the user enabling them to log in,

    my query is,

    can i change this so that user can enter their own password? here is my registration details if it helps

    regards

    $pass = substr(md5($_SERVER['REMOTE_ADDR'].microtime().rand(1,100000)),0,6);


    this generates a random password and emails it to the user after they enter a username and their email address

    1. what would i need to add to my regisration form to allow a user generated p.w
    2. do i need to change anything on the sql?
    3. what would the field on the form be?

    thanks again in advance everyone


    <?php


//Password generator
function genPassword($len) {
	
	//Arrays of characters
	$numbers = array(0,1,2,3,4,5,6,7,8,9);
	$letters = array('a','b','c','d','e','f','g','h','i','j','k','l','m','n','o', 'p', 'q', 'r','s','t','u','v','w','x','y','z');
	$symbols = array('[',']','{','}','#','@',':',';','>','<','/','*','(',')','-','+','=','~','!','"','%','|','.',',');
	$password = array();
	
	//Generate password
	while(count($password) <= $len) {
		$option = array(
		$password[] = $numbers[rand(0, count($numbers)-1)], 
		$password[] = $letters[rand(0, count($letters)-1)], 
		$password[] = $symbols[rand(0, count($symbols)-1)]);
		rand(0, 2);
	}
	
	//Prepare and print password
	$password = implode('', $password);
	print $password;
	
}

genPassword(20);

?>


    I written this a while back, This is a proper password generator! :p