php - Show content only if logged in -


hello have question. have set login system cookies , works. wonder there more clean version of doing this.

<? include('../config/db_config.php');  $username = $_cookie['user']; $password = $_cookie['pass'];  $result = mysql_query("select * users isadmin = 1");  while($row = mysql_fetch_array($result)) {     if($username == $row['username'] && $password == $row['password'])     {         //user entered correct username , password         echo("allow");     }     else     {         //user entered incorrect username , password         echo("deny");     } } ?>

you see want content shown if logged in admin. what, way of doing echo'ing out html/php/javascript instead of echoing allow because if include("somepage.php") there page still avialable usage without logging in, , if same check there still echo'ing out everything.

  • why loading every user, comparing username , password? wouldn't easier load single user matching username , password?

  • loading single user allow remove while().

  • in php, don't use mysql_query; do use pdo (if need, google know why it's better).

  • check input (quite optional here, agree).

  • do never store passwords in plain text format.

you can (i haven't used php/pdo years, code may inexact):

if (strlen($username)> 128) {     // wrong. username long. }  $hash = sha1($password); $sth = $dbh->prepare('if exists(select * users isadmin = 1 , username = :username , password = :password) select 1 else select 0'); $sth->bindparam(':username', $username, pdo::param_str, 128); $sth->bindparam(':password', $hash, pdo::param_str, 40); $sth->execute(); $isfound = $sth->fetchall(); if ($isfound) {     // user entered correct username , password.     echo 'allow'; }

Comments

Post a Comment

Popular posts from this blog

asp.net - repeatedly call AddImageUrl(url) to assemble pdf document -

i'm using abcpdf , i'm curious if can recursively call addimageurl() function assemble pdf document compile multiple urls? something like: int pagecount = 0; int theid = thedoc.addimageurl("http://stackoverflow.com/search?q=abcpdf+footer+page+x+out+of+", true, 0, true); //assemble document while (thedoc.chainable(theid)) { thedoc.page = thedoc.addpage(); theid = thedoc.addimagetochain(theid); } pagecount = thedoc.pagecount; console.writeline("1 document page count:" + pagecount); //flatten document (int = 1; <= pagecount; i++) { thedoc.pagenumber = i; thedoc.flatten(); } //now try again theid = thedoc.addimageurl("http://stackoverflow.com/questions/1980890/pdf-report-generation", true, 0, true); //assemble document while (thedoc.chainable(theid)) { thedoc.page = thedoc.addpage(); theid = thedoc.addimagetoc...
Read more

java - Android recognize cell phone with keyboard or not? -

in android app, want detect user's device if device has keyboard(like motorola milestone) , show corresponding user interface. guys know how that? ! regards justicepenny http://developer.android.com/reference/android/content/res/configuration.html public int keyboard the kind of keyboard attached device. 1 of: keyboard_nokeys, keyboard_qwerty, keyboard_12key. that's it!
Read more

iphone - How would you achieve a LED Scrolling effect? -

how achieve led scrolling effect example below? led sign - led ticker emulator iphone , ipad http://img.skitch.com/20101201-rsfh4p1bajb1wp94k466pdpiuj.preview.jpg sometimes remunerates comment in other posts :) have put code you, should implement font '8pin matrix' realistic feeling. uilabel *label; - (void)viewdidload { [super viewdidload]; label = [[uilabel alloc]initwithframe:cgrectmake(10, 50, 300, 20)]; label.font = [uifont fontwithname:@"courier-bold" size:16.0]; label.backgroundcolor = [uicolor blackcolor]; label.textcolor = [uicolor greencolor]; label.linebreakmode = uilinebreakmodecharacterwrap; // otherwise "…" label.text = @"this led text scrolled "; // blanks space between [self.view addsubview:label]; [nstimer scheduledtimerwithtimeinterval:0.12f target:self selector:@selector(scrolllabel) use...
Read more