|
|
Posted by Peter Fox on 12/21/05 11:45
Following on from Pete Horm's message. . .
>Hi everyone,
>I have a question about using this variable. I am new to programming and I
>had a book that was a couple of years old regarding php programming. None
>of the examples were working correctly, until I discovered that my new
>version of PHP 4.4 disabled global variables. I figured out how to make
>the following php script work correctly, but I don't know if the way I made
>it work is the accepted way of doing things with $_POST. I created new
>variables in the php script. If anyone could take a look at the following
>html and php script, and let me know if this is the right way of doing it
>or if there is a better way, I would greatly appreciate it. Thanks in
>advance. pete
A few random observations:
1 - Well done. If you've never programmed before - excellent. You
have achieved a great deal (probably a lot more than you realise) with a
small amount of code.
2 - You will learn a great deal from browsing the manual - either the
on-line version or the downloaded version to browse at your leisure.
<http://www.php.net/download-docs.php>
3 - You will also discover the existence of naughty people who don't use
your code 'like wot they ought'. There are two ways to do this: Either
by getting wise to the common methods of hacking PHP/SQL pages or not
getting wise to them. For example follow step 2 above and look for "SQL
Injection" (Hint: Now!)
4 - Debugging PHP is not the easiest thing in the world. You might find
print_r() being used a bit. Find out what you can about PHP Gotchas.
5 - There are plenty of web resources for PHP. Browse, surf, download
and study. You might use this NG for pointers to PHP+MySQL+Server
knowledge but we won't be rewriting your code unless we're exceptionally
bored. (Since there are as many wrong ways to write code as there are
right ways it's a bit of a lottery anyway.)
6 - Once you've dealt with item 3 your next challenge will be Sessions.
Some people never have a problem, others find it a struggle. If I were
you I'd play with some small test pages. Lots of print_r()s ahead!
7 - WRT your code :
>if ($num_rows > 0 ) {
> header("Location: mailman_main.php");
>}else {
> header("Location: failedlogon.html");
>}
I'd (a) test for what I came for not just 'something'
(b) Have hashed using say MD5 the p/w
(c) Not used an underscore in a page name
--
PETER FOX Not the same since the bra business went bust
peterfox@eminent.demon.co.uk.not.this.bit.no.html
2 Tees Close, Witham, Essex.
Gravity beer in Essex <http://www.eminent.demon.co.uk>
Navigation:
[Reply to this message]
|