Previous Thread
Next Thread
Print Thread
Rate Thread
Joined: Sep 2005
Posts: 102
T
Testing Offline OP
UGN Member
OP Offline
UGN Member
T
Joined: Sep 2005
Posts: 102
// Ok, So those that have followed and helped me so far understand im learning PHP via books and links. Here is my question.

I have been so far learning the fundamentals of php, IE. Arrays, variables, how to manipulate arrays, foreach else elseif etc....

I have yet to deal with sessions or cookies. I am wondering whether or not I should begin coding my own projects yet.

I have just basically gotten the basics down and havent finished my book. Each time I read a new chapter I get new awesome ideas. the examples in the book are lame but show the point there making nicely. So thats kinda the problem. im a bit tired of writing such boring stuff.

Think I should begin writing my own projects or continue learning the fundamentals as I have been so far? Keep in mind I haven't touched the topic of mysql.

Im thinking of just doing what I have been doing and getting through the entire book. This way I will be familiar with mysql and then my projects can really take off. However if I never start the damn things then all I learn is book work examples and I don't really get to apply the stuff I learn in my own stuff till later.

part of the problem is I only have time to either Learn via the book or work on a project and use the book as reference. Im leaning toward keeping on the path Im on.

I dunno, this questions comes after 2 darvaset and a beer so give me a bit of slack if im rambling without making sense!

Whatcha think?


?>


PS, just realized posted this in wrong forum.. Should prob be in offtopic. sorry.

Joined: Jun 2003
Posts: 807
Likes: 2
G
UGN Super Poster
Offline
UGN Super Poster
G
Joined: Jun 2003
Posts: 807
Likes: 2
I have experience with cookies. I haven't really delved into sessions yet, but I'll give you what I know about cookies.

First off, you will need to farmiliarize yourself with setcookie() .

For example, if I were to set a cookie to a user that authenticated to a script I wrote, i'd do this:

Code
if(isset($user_variable) && isset($password_variable)) {
if(is_authenticated()) {
$cookie_data = $user_variable . "-" . md5(md5("$password_variable") . "$salt");
$server_path = $_SERVER['PATH_TRANSLATED'];
$server_name = $_SERVER['SERVER_NAME'];
setcookie("cookie_name", "$cookie_data", , "", "$document_root", "$name", FALSE);
} else {
not_authenticated()
}
To read from a cookie, let's say named cookie_name, I would do this:
Code
$cookie = $_COOKIE['cookie_name'];
You can then deal with $cookie as the data for the cookie cookie_name

For example, if I were to want to verify that the password hash sent by a user's browser was valid, like I had done above, I would do this:
Code
$cookie_exploded = explode("-", "$cookie");
$password_hash = $cookie_exploded[1];

if(md5(md5("$user_password") . "$salt")) {
is_authenticated();
} elese {
not_authenticated();
}
I know this is somewhat confusing seeing as how I made up functions, so I'll put it into context with a full fledged script:
Code
<?php

$allowed_users =
array(
"Ghost" => hash("testing123")
);

$user = $_POST['user'];
$password = $_POST['password'];
$cookie = $_COOKIE['cookie_name'];
$server = $_SERVER['SERVER_NAME'];
$self = $_SERVER['PHP_SELF'];
$salt = "98u234ja";

$cookieexploded = explode("-", $cookie);
$user_cookie = $cookieexploded[0];
$password_cookie = $cookieexploded[1];

function hash($hash_password)
{

$hash = md5(md5("$hash_password") . "$salt");
return $hash;

}

function authenticated_function()
{

global $cookie;
global $user_cookie;
global $password_cookie;
$cookieexploded = explode("-", $cookie);
echo "You successfully authenticated!" . "
";
echo "User: " . $user_cookie . "
";
echo "Password Hash: " . $password_cookie . "
";
echo "Cookie Value: " . $cookie . "<br /";

}

function authenticated($cookie_user, $cookie_hash)
{

global $server;
$cookie_data = "$cookie_user" . "-" . "$cookie_hash";
setcookie("cookie_name", "$cookie_data",time() * 60 * 24 * 365, "/", "$server", FALSE);
header("Location: $self");

}

function not_authenticated()
{

echo "Not authenticated, foo.";

}

$allowed_user = $allowed_users[$user_cookie];
if(isset($allowed_user) && $allowed_user == $password_cookie) {

authenticated_function();

} elseif($allowed_users[$user_cookie] != $password_cookie) {

echo "You failed to authenticate with cookies" . "
";

} elseif(isset($user)) {

if($allowed_users[$user] == hash($password)) {

authenticated($user, hash($password));

} else {

not_authenticated();

}

} else {

?>
<html>
<head>
  <title>User Authentication Test</title>
</head>
<body>
  <form action="<?php echo $self; ?>" method="post">
   User:<input name="user" type="text" size="25">

   Password: <input name="password" type="password" size="25">

   <input type="submit">
  </form>
</body>
</html>
<?php

}

Joined: Feb 2002
Posts: 7,203
Likes: 11
Community Owner
Offline
Community Owner
Joined: Feb 2002
Posts: 7,203
Likes: 11
I think you should code as much as you can, experiance is experiance, and the more youhave the better wink ...


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
Joined: Mar 2002
Posts: 1,136
P
UGN Elite Poster
Offline
UGN Elite Poster
P
Joined: Mar 2002
Posts: 1,136
Dude projects are how you learn. I go, "Man I should do ____" and have absolutely no clue how to do it, so I just dive right in, and learn the pieces I need to to make it work. Then the project fails miserably because I didn't plan it very well, but all of a sudden I know a lot more about how I should actually architect a project in addition to all the plumbing I need to make it happen. That's fun [censored].

Joined: Dec 2002
Posts: 3,255
Likes: 3
UGN Elite
Offline
UGN Elite
Joined: Dec 2002
Posts: 3,255
Likes: 3
:nods:

First several projects are sooo frustrating. You fail like the titanic. Then you suceed. Now you are on top of the world. The feeling of finishing a well coded project.... I have had coke that doesn't compare to the high of geekphoria. Delusions of grandure and all that [censored].

Strike out, code, code lots. Decide to make something easy and make it. I sugested the search engine before, but, maybe a news system, link management system. Anything, just code something and you will learn a lot. Make yourself add features to it. Do not shy away from something because you do not know how to do it. Decide, that is what you want to do, look up how to do it or someone who did something like it.


Link Copied to Clipboard
Member Spotlight
Phatal
Phatal
Houston, TX
Posts: 298
Joined: April 2004
Forum Statistics
Forums41
Topics33,840
Posts68,858
Average Daily Posts1
Members2,176
Most Online3,253
Jan 13th, 2020
Latest Postings
Where and how do you torrent?
by danni75 - 03/01/24 05:58 AM
Animation,
by JohanKaariainen - 08/15/19 01:18 AM
Blackbeard.....
by Gremelin - 10/03/18 07:02 PM
my old account still exists!
by Crime - 08/10/18 02:47 PM
Okay WTF?
by HenryMiring - 09/27/17 01:45 AM
The History Thread...
by Gremelin - 08/11/17 12:11 PM
My friend NEEDS your HELP!
by Lena01 - 07/21/17 12:06 AM
I'm having fun with this guy.
by gabithompson730 - 07/20/17 01:50 AM
I want to upgrade my phone
by gabithompson730 - 07/20/17 01:49 AM
Doom 3
by Cyrez - 09/11/14 08:58 PM
Amazon Gift Card Generator/KeyGen?te
by Gecko666 - 08/22/14 09:21 AM
AIM scene 99-03
by lavos - 09/02/13 08:06 AM
Planetside 2
by Crime - 03/04/13 07:10 AM
Beta Testers Wanted
by Crime - 03/04/13 06:55 AM
Hello Everyone
by Gremelin - 02/12/12 06:01 PM
Tracfone ESN Generator
by Zanvin Green - 01/18/12 01:31 PM
Python 3 issue
by Testing - 12/17/11 09:28 PM
tracfone airtime
by Drache86 - 07/30/11 03:37 AM
Backdoors and the Infinite
by ZeroCoolStar - 07/10/11 03:52 AM
HackThisZIne #12 Releaseed!
by Pipat2 - 04/28/11 09:20 PM
gang wars? l33t-wars?
by Gremelin - 04/28/11 05:56 AM
Consolidate Forums
by diggin2deep - 04/21/11 10:02 AM
LAN Hacking Noob
by Gremelin - 03/12/11 12:42 AM
Top Posters
UGN Security 41,392
Gremelin 7,203
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Likes Received
Ghost 2
Cyrez 1
Girlie 1
unreal 1
Crime 1
Powered by UBB.threads™ PHP Forum Software 7.7.5