Jump to content


  • Posts

  • Joined

  • Last visited

Everything posted by WesleyA

  1. Sorry it's an old question. I had the topic put aside for a while but I want to go on with it. I found this script online, it recommends to use SSL, but the whole setup is done with javascript encryption. http://www.wikihow.com/Create-a-Secure-Login-Script-in-PHP-and-MySQL My issue is that I dont know if I can trust a script developed by a third party. I can undestand a part of the script, but encryption is really complicated. (thouhg i have not tested or practiced any javascript encryption yet). What does this encryption do in the example used in the link above and what does the author know about how it is done? How safe is javascript encryption of a third party anyway? I hope people here can help me and explain these things in a more clear way to me.
  2. can you show what you mean? Im also thinking of making a record pseudo empty (so with only one field) but I wonder if there is a good php solution.
  3. I have a table which is either empty or has 1 record If the table is empty i cant retrieve info from the database and get an error message. my code: $sql = "SELECT id FROM users WHERE id = (SELECT MAX(id)FROM users)"; $result = $conn->query($sql); foreach ( $conn->query($sql) as $row ) { $id = $row['id']; the for each line gives an error message: how to solve this?
  4. I googled it and found it. http://dev.mysql.com/doc/refman/5.7/en/example-maximum-row.html First google, then ask I should have known
  5. For these query (if exists) I am searching. If you want to select the last added record I use this query $hi_val = mysqli_insert_id($conn); Above code works but only if I have just added with INSERT, but I want to use it with SELECT. I also have a php part in combination with COUNT ROWS and then determine the highest record value. But I am looking for MYSQL query that counts and determines the last added record and select it. what solutions do you know?
  6. For those who are interested in solving this: I placed the class attribute in frame. This gives somewhat a satisfying result. I couldnt find a tut saying that class can be placed inside a frame tag.
  7. frameset cant be embedded between 2 body tags?
  8. My code doesnt work the way I want it. The goal is a gradient background. I made an external style sheet. Like this: .grad{ height: 1020px; width: 1900px; /* Permalink - use to edit and share this gradient: http://colorzilla.com/gradient-editor/#feffff+0,ddf1f9+35,a0d8ef+100;Blue+3D+%2318 */ background: #feffff; /* Old browsers */ background: -moz-linear-gradient(top, #feffff 0%, #ddf1f9 35%, #a0d8ef 100%); /* FF3.6-15 */ background: -webkit-linear-gradient(top, #feffff 0%,#ddf1f9 35%,#a0d8ef 100%); /* Chrome10-25,Safari5.1-6 */ background: linear-gradient(to bottom, #feffff 0%,#ddf1f9 35%,#a0d8ef 100%); /* W3C, IE10+, FF16+, Chrome26+, Opera12+, Safari7+ */ filter: progid:DXImageTransform.Microsoft.gradient( startColorstr='#feffff', endColorstr='#a0d8ef',GradientType=0 ); /* IE6-9 */ } .maincell { text-align: left; width: 1900px; } .topcell { horizontal-align: left; height: 100px; } .downcell { horizontal-align: left; height: 600px; } The html code <html> <head> <link rel="stylesheet" type="text/css" href="style3.css"> </head> <body class="grad"> <FRAMESET ROWS="15%,85%" frameBorder="0" border="0"> <FRAME SRC="carn_head.php" name="navigatie" scrolling="no"> <FRAME SRC="carn_bottom.html" bordercolor="#CBEDF1" name="main"> </FRAMESET> </body> </html> The error is that I get to see a gradient background but not the code put in the pages. It used to when I hadnt add the .grad class. How can I have a gradient background and over it a frame showing the pages intended in the frame src?
  9. Hi I'm looking for a way to put content from one site (an entire page including images and server side scripts) in a frame from another site. I would like to find a solution my idea is javascript(not sure), do you have any hints/suggestions?
  10. hello I have some questions about IIS. Is it possible to use IIS for developing html/javascript/css ? I am just totally new to the subject, I'm looking for good tuts about it, and then especially if you know it works like WAMP so being able to control the httpd file and create virtual hosts and makes web pages here. Please help
  11. I see. For me the entire matter is still a bit perilous. But if I use html and the password attribute and have that sent by SSL/TSL towards the server and store the password encrypted in the database then it is safe? I'm asking this because I'm looking for the right method. If there is one; at least. (there could be more namly)
  12. And how vast is ' a multitude ' according to you?
  13. Hi all I would like to know whether it is possible or not to build a secure inlog script. The script I have as example is mainly in php. I read a couple of tuts online and watched some youtube video's and discovered that both javascript and php are used. I dont know much about encryption but more and more questions are rising ..... Is it true that it is possible to add javascript encryption wen you want a user to login ? My own idea is that this looks quite insecure as anybody can see the encryption code. I have more questions but first i would like to know this if possible.
  14. I installed it it is really usefful thanks
  15. Never hear of it. Is that a Test Mail Server Tool? And should I install that / is there a download link? Or can it be activated in WAMP?
  16. I have WAMP installed and the goal is to create a script that sends emails. I checked the php.ini file and found no smtp is installed. But how does this work with WAMP? I need a mailserver I assume? Is there a default one in WAMP and how to install it? If not then how can I install a good one? And how to configure it?
  17. How should I validate 'wrong' or 'fake' protocols? Not sure how to explain this. I mean type mismatches like gttps : // but also random chars like qwerty : // should be validated. So chars before : // ( placed spaces in the protocols above else I wasnt possible to post it here) How to do this with regex php?
  18. I had to use $_SERVER['DOCUMENT_ROOT'];
  19. In PHPmyadmin I can't move the position of the columns. So when I go to change/modify (not sure how it's called in English) I get the possibility to move column and the place it after another column then where its placed now. Though, it does print the query it goes like ALTER TABLE `my_tab` CHANGE `col1` `col1` TINYINT(1) NULL DEFAULT NULL AFTER `col5`; I have not tested in the mysql console, but in PHP the columns don't move (anymore) like they did do beforehand.
  20. hello my programming is focused at the image processing library GD and FREE TYPE. I tried , amongst others, the script at this page : http://code.tutsplus.com/tutorials/build-your-own-captcha-and-contact-form--net-5362 but I cant get it working. I placed the true type font *.ttf file in the right directory but still get an error message saying: The image 'http://localhost/mydirectory/captcha.php' can't be displayed because it contains errors. (not sure this is the correct translation of the errormessage as it was displayed in my own language). I tried many things. like placing it in another directory. I checked phpinfo() to see if GD was installed which it was. Firefox gives an error message, IE and Chrome just dont show anything. This is the code: <?php session_start(); $string = ''; for ($i = 0; $i < 5; $i++) { // this numbers refer to numbers of the ascii table (lower case) $string .= chr(rand(97, 122)); } $_SESSION['rand_code'] = $string; // $dir = 'fonts/'; $dir = 'http://localhost/mydir/fonts/'; $image = imagecreatetruecolor(170, 60); $black = imagecolorallocate($image, 0, 0, 0); $color = imagecolorallocate($image, 200, 100, 90); // red $white = imagecolorallocate($image, 255, 255, 255); imagefilledrectangle($image,0,0,399,99,$white); // imagettftext ($image, 30, 0, 10, 40, $color, $dir."arial.ttf", $_SESSION['rand_code']); imagettftext ($image, 30, 0, 10, 40, $color, "arial.ttf", $_SESSION['rand_code']); header("Content-type: image/png"); imagepng($image); ?> What I want to know first is if I understand fully how it should be done. Maybe the tut I'm working with is not complete. Online I found a few topics with the same error report, they solved it by saving it as another file format (not utf-8). I would like to try that but dont know how. Notepad doesnt seem to have that feature of another file format like UTF-8 NO NOM. And besides that: WHY is file format so important? Please help !
  21. So when using SSL; other encryption or hashing methods are not necessary?
  22. Hi, thanks for the links. I'm now reading the owasp.org docs. Here they speak about the SSL/TLS authentication security model : https://www.owasp.org/index.php/Transport_Layer_Protection_Cheat_Sheet#Architectural_Decision But are there any other models for security? And in which way are they better, safer or unsafer compared to the SSL/TLS model?
  23. I'm trying to create a secure inlog script in php/mysql. I'm faced with many subjects I absolutely know nothing about so I was looking for some help. I'm want to understand the route of a password from the browser to the database. One thing that is very hazy to me is the difference between SSL and encryption. My idea is that I could use javascript SHA 256 encryption at the client side. But other sources online recommend SSL. I was thinking, would it be possible to both use SSL as well as SHA encryption. Now, I asked questions before here moslty solving script issues, but now, I look for an advice about what the possibilities are. I have no script yet, because first I want to determine in which way the chances for security leaks are minimized. is there anyone who can give more clarity about it?
  • Create New...