Search
Left Quote    Nearly all men can stand adversity, but if you want to test a man's character, give him power.
- Abraham Lincoln    
Right Quote
 
[login] | [Register]
Forum Index » PHP and mySQL » Viewing Topic and Replies
Post Reply


        Viewing Topic: What I have so far...
  This user is offline  lingh0e
  Subject: "What I have so far..." Posted: @ 1:30 am on Mar 09 2007   

Member #: 291
Rank: User - (29)
Since: 03/03/07
Posts: 29
From: Ohio

Just wanted to give you a quick look at what I have achieved thus far thanks mostly to the help I've received from this forum. At this point, all I have is the member system and a few tweaks. I am currently working on the actual guts of the site, but it's pretty slow going as I am, first and foremost, a graphics guy.

The beginnings of my site.


Feel free to kick me if I get annoying
    Viewed: 10,019 Times | Reply to This | To top
  This user is offline  bs0d
  Subject: "re: What I have so far..." Posted: @ 2:19 am on Mar 09 2007    

Member #: 1
Rank: Admin. - (1,505)
Since: 02/06/05
Posts: 600
From: USA

Looks good so far! Hey, check your email code, I filled out a test user and did not provide an email address and it did not catch that.

Good luck with developing the rest!




-bs0d | AllSyntax.com

    Viewed: 10,012 Times | Reply to This | To top
  This user is offline  lingh0e
  Subject: "re: What I have so far..." Posted: @ 4:39 am on Mar 09 2007    

Member #: 291
Rank: User - (29)
Since: 03/03/07
Posts: 29
From: Ohio

never thought of that one...

nice catch. I'll add that to my list.




Feel free to kick me if I get annoying

    Viewed: 10,005 Times | Reply to This | To top
  This user is offline  gravy
  Subject: "re: What I have so far..." Posted: @ 4:38 am on Mar 09 2007    

Member #: 294
Rank: User - (63)
Since: 03/07/07
Posts: 66
From: MN

Yeah you got that graphics part down to a tee! Makes my site look like CRAP!

Great Job, and yeah, this site helps out ALOT when it comes to the inner guts of the website.




Photo Hosting Scripts? It's what I do....

    Viewed: 10,003 Times | Reply to This | To top
  This user is offline  lingh0e
  Subject: "re: What I have so far..." Posted: @ 10:44 am on Mar 09 2007    

Member #: 291
Rank: User - (29)
Since: 03/03/07
Posts: 29
From: Ohio

Simple fix to that (i.e. - I don't want to put any more work into it) leave a dummy member in the database with a blank e-mail entry. Coupled with the anti-duplicate e-mail module you wrote for me earlier, anyone else registering now will be required to use at least one character for the e-mail.

Slightly harder fix: add a few simple lines of code to make sure the e-mail field isn't left blank at all.

Only slightly harder fix: add more code to ensure that the address entered isn't just an assortment of characters, but a legitimately formatted e-mail address.

Final solution (and further down the road of my PHP education) add a module that requires the user to enter a valid e-mail, send that e-mail a unique verification link and have the user click the link to verify the address as legitimate.

This brings me to my next question(s). What would be the best way to create a unique link for the user to verify? One tutorial I am reading suggests creating a second line in the table for a timestamp which, along with the password, would be MD5 encoded. The verification e-mail then combines the two hashes (password and timestamp) to create the unique verification URL. I'm all for creating a timestamp hash, but isn't it generally a bad idea to send a users password hash over e-mail? Even MD5 hashes can be broken with minimal work these days.

But I am getting way ahead of myself

Needless to say, at this point, my mind is going beyond my means. I've got all these ideas for ways to modify this basic script... e-mail verifications, random image security, things like that. My goal is to integrate each of these as possible choices one can activate/deacti vate in an admin panel.

Like I said... grand plans that are, at this point, beyond my own means.

Oh yeah, I also modified the registration script to require minimum username lengths... no more single character members!

I sure am having fun though.



Edited at 11:28:21 am on 03/09/07


Feel free to kick me if I get annoying

    Viewed: 9,992 Times | Reply to This | To top
  This user is offline  misterhaan
  Subject: "re: What I have so far..." Posted: @ 3:20 pm on Mar 09 2007    

Member #: 5
Rank: User - (213)
Since: 02/11/05
Posts: 148
From: chair

  lingh0e said...

< i>Slightly harder fix: add a few simple lines of code to make sure the e-mail field isn't left blank at all.

Only slightly harder fix: add more code to ensure that the address entered isn't just an assortment of characters, but a legitimately formatted e-mail address.

Final solution (and further down the road of my PHP education) add a module that requires the user to enter a valid e-mail, send that e-mail a unique verification link and have the user click the link to verify the address as legitimate.

i've done all three! since you asked about the validation code, i throw a bunch of things together, md5() that, and send it to the user. i always make sure time() or microtime() is in there, and concatenate it with user id, password, e-mail address -- pretty much everything else i've got -- then run it through md5() and send it to the user. my login script then checks to see if there's anything in the verify column (which is where i store the verification code), and aborts with a not verified message. the verification script takes the login and the verification code, and if they match it sets the verify column to null.

for the first one i actually wrote a forms class that handles simple validation for me, like making sure required fields aren't blank and that numeric fields are actually numeric. it doesn't have an option for checking an e-mail though. if you're interested, you can download it from this page: new layout classes< /a> -- there's other stuff in there but the auForm files can be used by themselves.




please note that the above post is likely made up in its entirety.

    Viewed: 9,980 Times | Reply to This | To top
  This user is offline  gravy
  Subject: "re: What I have so far..." Posted: @ 5:47 pm on Mar 09 2007    

Member #: 294
Rank: User - (63)
Since: 03/07/07
Posts: 66
From: MN

 mister haan said...

< i>i've done all three! since you asked about the validation code, i throw a bunch of things together, md5() that, and send it to the user. i always make sure time() or microtime() is in there, and concatenate it with user id, password, e-mail address -- pretty much everything else i've got -- then run it through md5() and send it to the user. my login script then checks to see if there's anything in the verify column (which is where i store the verification code), and aborts with a not verified message. the verification script takes the login and the verification code, and if they match it sets the verify column to null.

for the first one i actually wrote a forms class that handles simple validation for me, like making sure required fields aren't blank and that numeric fields are actually numeric. it doesn't have an option for checking an e-mail though. if you're interested, you can download it from this page: new layout classes -- there's other stuff in there but the auForm files can be used by themselves.

so this will send email to user for valadation, plus send them their user name and pass, but also check for blank fields and what not?

how would I use (intergrate) this in my current site?




Photo Hosting Scripts? It's what I do....

    Viewed: 9,975 Times | Reply to This | To top
  This user is offline  misterhaan
  Subject: "re: What I have so far..." Posted: @ 8:57 pm on Mar 09 2007    

Member #: 5
Rank: User - (213)
Since: 02/11/05
Posts: 148
From: chair

the forms class will basically just make sure that required fields aren't blank, and that numeric fields are numeric. it doesn't contain any e-mail code. i haven't posted my e-mail address validation code anywhere yet, though you can probably find plenty of examples with google.

the forms class is a little complicated to use -- you have to include auForm.php, define your form and the fields on it, and then either check to see if it's been submitted correctly or write it out to the page. it also requires php version 5. if you're just starting with php it's probably best to look at parts of it for reference and try to work them into your own code.




please note that the above post is likely made up in its entirety.

    Viewed: 9,966 Times | Reply to This | To top
Viewing Page: 1 of 1


1 |

You must be logged in to post on the forums. Login or Register








"AllSyntax.com" Copyright © 2002-2018; All rights lefted, all lefts righted.
Privacy Policy  |  Internet Rank