 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
danway60
Expert Cheater
![]() Reputation: 0
Joined: 13 Jun 2007
Posts: 209
|
 Posted: Sat Jul 11, 2009 11:43 am Post subject: PHP logins etc. |
 |
|
Hey,
Does anybody know of any good tutorials where I can learn to program a "User" feature for my website: http://gamecity.frihost.net. I.e. the user can log in, save which games they like to a favourites thing.
Also, how do you do cookies, where I can do a kind of last games played feature?
Many thanks, Dan.
_________________
|
|
| Back to top |
|
 |
Cheat Engine User
Something epic
![]() Reputation: 60
Joined: 22 Jun 2007
Posts: 2071
|
| Posted: Sat Jul 11, 2009 11:57 am Post subject: |
|
|
First of all, login is not the only thing that is there. You need actually something the user is used for. You need to make the user register. Then there are different kinds of ways to store the stuff about the user.
You can use text files for storing the user info. It's a bit complicated, and without the right settings, people can read those text files. This requires fwrite(), fread() and fopen().
You can also use SQL for storing the user info. It's a lot easier, but a bit complicated to set up and creating the database can be hard for a first timer as well. But when it's set up, reading and writing to it is a piece of cake. This one requires mysql commands like mysql_select_database(), mysql_connect() and mysql_query().
Cookies are set using setcookie(name of the cookie, value of the cookie, expire date). For example: setcookie("TG", "user-1 password", time()+60);
This will create a cookie for a minute, and then it expires. Accessing the cookie can be done by using $_COOKIE['Cookie name']
|
|
| Back to top |
|
|
shhac
Expert Cheater
![]() Reputation: 0
Joined: 30 Oct 2007
Posts: 108
|
| Posted: Sat Jul 11, 2009 12:59 pm Post subject: |
|
|
| It is bad practice to store the user and pass in the cookie; make a session cookie using a value of something like md5(username . time()), and store that in the user table too (i.e. it will change every time they log in)
|
|
| Back to top |
|
|
Cheat Engine User
Something epic
![]() Reputation: 60
Joined: 22 Jun 2007
Posts: 2071
|
| Posted: Sat Jul 11, 2009 4:24 pm Post subject: |
|
|
| shhac wrote: | | It is bad practice to store the user and pass in the cookie; make a session cookie using a value of something like md5(username . time()), and store that in the user table too (i.e. it will change every time they log in) |
Even this is quite easily hacked, by cookie stealing. So adding an IP is good idea as well.
|
|
| Back to top |
|
|
compactwater
I post too much
![]() Reputation: 8
Joined: 02 Aug 2006
Posts: 3923
|
| Posted: Sat Jul 11, 2009 5:50 pm Post subject: |
|
|
| Holland wrote: | | shhac wrote: | | It is bad practice to store the user and pass in the cookie; make a session cookie using a value of something like md5(username . time()), and store that in the user table too (i.e. it will change every time they log in) |
Even this is quite easily hacked, by cookie stealing. So adding an IP is good idea as well. |
Most sites do not check for IPs, but have checks on form sessions to prevent session hijacking (CEF does this) and logs IPs when any action is made. Checking by IP would mostly just annoy users with dynamic IPs. A session cookie alone would work fine, an intruder cannot get the password from that (as it's not a hash, or if it is, it's salted), and logging in would only make the intruder known. Any damage done could be easily be reversed, although this may be a burden for the staff. :P
Sorry Holly :(
|
|
| Back to top |
|
|
dnsi0
I post too much
![]() Reputation: 0
Joined: 04 Jan 2007
Posts: 2674
|
| Posted: Sat Jul 11, 2009 7:52 pm Post subject: |
|
|
use sessions?
session_start();
then $_SESSION['sdafdsa']=whatever
Compactwater O.o
|
|
| Back to top |
|
|
&Vage
Grandmaster Cheater Supreme
![]() Reputation: 0
Joined: 25 Jul 2008
Posts: 1053
|
| Posted: Sat Jul 11, 2009 11:42 pm Post subject: |
|
|
| Holland wrote: | First of all, login is not the only thing that is there. You need actually something the user is used for. You need to make the user register. Then there are different kinds of ways to store the stuff about the user.
You can use text files for storing the user info. It's a bit complicated, and without the right settings, people can read those text files. This requires fwrite(), fread() and fopen().
You can also use SQL for storing the user info. It's a lot easier, but a bit complicated to set up and creating the database can be hard for a first timer as well. But when it's set up, reading and writing to it is a piece of cake. This one requires mysql commands like mysql_select_database(), mysql_connect() and mysql_query().
Cookies are set using setcookie(name of the cookie, value of the cookie, expire date). For example: setcookie("TG", "user-1 password", time()+60);
This will create a cookie for a minute, and then it expires. Accessing the cookie can be done by using $_COOKIE['Cookie name'] |
Using files to store data is quite stupid in my opinion  inb4moarsecurity.
| Code: |
start_session();
$_SESSION['userid'] = 'userid';
$_SESSION['pass'] = 'loluisgay';
|
|
|
| Back to top |
|
|
Cheat Engine User
Something epic
![]() Reputation: 60
Joined: 22 Jun 2007
Posts: 2071
|
| Posted: Sun Jul 12, 2009 6:55 am Post subject: |
|
|
| ; wrote: | | Holland wrote: | First of all, login is not the only thing that is there. You need actually something the user is used for. You need to make the user register. Then there are different kinds of ways to store the stuff about the user.
You can use text files for storing the user info. It's a bit complicated, and without the right settings, people can read those text files. This requires fwrite(), fread() and fopen().
You can also use SQL for storing the user info. It's a lot easier, but a bit complicated to set up and creating the database can be hard for a first timer as well. But when it's set up, reading and writing to it is a piece of cake. This one requires mysql commands like mysql_select_database(), mysql_connect() and mysql_query().
Cookies are set using setcookie(name of the cookie, value of the cookie, expire date). For example: setcookie("TG", "user-1 password", time()+60);
This will create a cookie for a minute, and then it expires. Accessing the cookie can be done by using $_COOKIE['Cookie name'] |
Using files to store data is quite stupid in my opinion inb4moarsecurity.
|
Sessions use an awful lot of memory when you have quite a bit of members. I store the IP in the Mysql database, and make a cookie with the username, pass and ip hashed whenever I log into my own little browser game. This will prevent that the cookies can be used on another computer.
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
