Php code for validating username and password dating before marriage length
validate Email($email) && $error === false) if ($error === true) else ? What is the best (or a good) way to handle user input messages/errors?
Also I've read a tutorial (which unfortunately I can't find anymore) where it was recommended to give the users hints and tips about their input, instead of giving them a big bold red warning. Just posting a class is not very useful for making OP a better coder.
validate Username($username) && $error === false) if (!
validate Password($password) && $error === false) if (!
2- you are storing the password in the clear This is a huge no no. You store the password hash using: See: Secure hash and salt for PHP passwords And: What is "salt" when relating to MYSQL sha1?
Combined with the SQL-injection hole, it will take a hacker 5 minutes to get a list of all usernames and passwords on your site. BTW, use SHA2 with a 512 keylength, SHA1 is no longer secure, and MD5 is even more broken.
If there are no rows with the entered data, we just redirect the user to the login form again.Here is the code to look up the username and password.Please notice that we must compare the value for the password from the database with the MD5 encrypted value of the password entered by the user.3- A login can only ever match against 1 user This code: @Bojan, there's no problem using the $_GET in your code, there's only a problem when you insert the $_GET into an SQL or HTML string.
In the first case you need to worry about SQL-injection, in the latter you need to worry about XSS.
I will continue my next article to give you an in-depth knowledge about XAMPP, Fil Zilla and Git Hub lessons.