to code or not to code. that is my question!

Network Sites

UGN Security, The GoNix Initiative, Elite Web Gamers, Back of the Web, EveryDay Helper, VNC Web Design & Development

You are not logged in. [Log In] UGN Security Forums » Forums » UGN Security: Knowledge Base » Programming
» Web Design, Protocols & Other Languages » to code or not to code. that is my question!

May
Su	M	Tu	W	Th	F	Sa
			1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29	30	31

Our Sponsors

Sponsor Advertisements help keep UGN Security Online.

Want to earn prizes for clicking online advertisements? Join Rewards1.com.

Latest Postings

Latest Reviews

Topic Options

Rate This Topic

#19390 - 10/09/05 03:29 PM to code or not to code. that is my question!
Testing UGN Member Registered: 09/21/05 Posts: 102 Loc: Sacramento, CA	// Ok, So those that have followed and helped me so far understand im learning PHP via books and links. Here is my question. I have been so far learning the fundamentals of php, IE. Arrays, variables, how to manipulate arrays, foreach else elseif etc.... I have yet to deal with sessions or cookies. I am wondering whether or not I should begin coding my own projects yet. I have just basically gotten the basics down and havent finished my book. Each time I read a new chapter I get new awesome ideas. the examples in the book are lame but show the point there making nicely. So thats kinda the problem. im a bit tired of writing such boring stuff. Think I should begin writing my own projects or continue learning the fundamentals as I have been so far? Keep in mind I haven't touched the topic of mysql. Im thinking of just doing what I have been doing and getting through the entire book. This way I will be familiar with mysql and then my projects can really take off. However if I never start the damn things then all I learn is book work examples and I don't really get to apply the stuff I learn in my own stuff till later. part of the problem is I only have time to either Learn via the book or work on a project and use the book as reference. Im leaning toward keeping on the path Im on. I dunno, this questions comes after 2 darvaset and a beer so give me a bit of slack if im rambling without making sense! Whatcha think? ?> PS, just realized posted this in wrong forum.. Should prob be in offtopic. sorry. _________________________ Flipping houses in Sacramento market has been fantastic. Curious about what it takes to flip houses? Follow me at http://sacramentoflips.com.
Top

Our Sponsors

Sponsor Advertisements help keep UGN Security Online.

Sponsor Advertisements help keep UGN Security Online.

#19391 - 10/10/05 06:09 AM

Re: to code or not to code. that is my question!

Ghost

UGN Super Poster

Registered: 06/16/03
Posts: 807
Loc: Wisconsin

I have experience with cookies. I haven't really delved into sessions yet, but I'll give you what I know about cookies.

First off, you will need to farmiliarize yourself with setcookie() .

For example, if I were to set a cookie to a user that authenticated to a script I wrote, i'd do this:

Code:

if(isset($user_variable) && isset($password_variable)) {
if(is_authenticated()) {
$cookie_data = $user_variable . "-" . md5(md5("$password_variable") . "$salt");
$server_path = $_SERVER['PATH_TRANSLATED'];
$server_name = $_SERVER['SERVER_NAME'];
setcookie("cookie_name", "$cookie_data", , "", "$document_root", "$name", FALSE);
} else {
not_authenticated()
}

To read from a cookie, let's say named cookie_name, I would do this:

Code:

$cookie = $_COOKIE['cookie_name'];

You can then deal with $cookie as the data for the cookie cookie_name

For example, if I were to want to verify that the password hash sent by a user's browser was valid, like I had done above, I would do this:

Code:

$cookie_exploded = explode("-", "$cookie");
$password_hash = $cookie_exploded[1];

if(md5(md5("$user_password") . "$salt")) {
is_authenticated();
} elese {
not_authenticated();
}

I know this is somewhat confusing seeing as how I made up functions, so I'll put it into context with a full fledged script:

Code:

<?php

$allowed_users =
array(
"Ghost" => hash("testing123")
);

$user = $_POST['user'];
$password = $_POST['password'];
$cookie = $_COOKIE['cookie_name'];
$server = $_SERVER['SERVER_NAME'];
$self = $_SERVER['PHP_SELF'];
$salt = "98u234ja";

$cookieexploded = explode("-", $cookie);
$user_cookie = $cookieexploded[0];
$password_cookie = $cookieexploded[1];

function hash($hash_password)
{

$hash = md5(md5("$hash_password") . "$salt");
return $hash;

}

function authenticated_function()
{

global $cookie;
global $user_cookie;
global $password_cookie;
$cookieexploded = explode("-", $cookie);
echo "You successfully authenticated!" . "
";
echo "User: " . $user_cookie . "
";
echo "Password Hash: " . $password_cookie . "
";
echo "Cookie Value: " . $cookie . "<br /";

}

function authenticated($cookie_user, $cookie_hash)
{

global $server;
$cookie_data = "$cookie_user" . "-" . "$cookie_hash";
setcookie("cookie_name", "$cookie_data",time() * 60 * 24 * 365, "/", "$server", FALSE);
header("Location: $self");

}

function not_authenticated()
{

echo "Not authenticated, foo.";

}

$allowed_user = $allowed_users[$user_cookie];
if(isset($allowed_user) && $allowed_user == $password_cookie) {

authenticated_function();

} elseif($allowed_users[$user_cookie] != $password_cookie) {

echo "You failed to authenticate with cookies" . "
";

} elseif(isset($user)) {

if($allowed_users[$user] == hash($password)) {

authenticated($user, hash($password));

} else {

not_authenticated();

}

} else {

?>
<html>
<head>
  <title>User Authentication Test</title>
</head>
<body>
  <form action="<?php echo $self; ?>" method="post">
   User:<input name="user" type="text" size="25">

   Password: <input name="password" type="password" size="25">

   <input type="submit">
  </form>
</body>
</html>
<?php

}

_________________________
[[ GamerSupport ] [ UGN Security ] [ Evil Hosting ] [ Comic Relief ]
~[Ghost]

Top

#19392 - 10/10/05 07:04 AM Re: to code or not to code. that is my question!
Gremelin Community Owner Registered: 02/28/02 Posts: 7192 Loc: Portland, OR; USA	I think you should code as much as you can, experiance is experiance, and the more youhave the better ... _________________________ Donate to UGN Security here. UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner
Top

#19393 - 10/10/05 09:52 AM Re: to code or not to code. that is my question!
pergesu UGN Elite Poster Registered: 03/14/02 Posts: 1136 Loc: Pimpin the Colorizzle	Dude projects are how you learn. I go, "Man I should do ____" and have absolutely no clue how to do it, so I just dive right in, and learn the pieces I need to to make it work. Then the project fails miserably because I didn't plan it very well, but all of a sudden I know a lot more about how I should actually architect a project in addition to all the plumbing I need to make it happen. That's fun shit. _________________________ Looking for great places to eat in Grand Junction?
Top

#19394 - 10/10/05 08:58 PM Re: to code or not to code. that is my question!
§intå× UGN Elite Registered: 12/03/02 Posts: 3255 Loc: Maryland	:nods: First several projects are sooo frustrating. You fail like the titanic. Then you suceed. Now you are on top of the world. The feeling of finishing a well coded project.... I have had coke that doesn't compare to the high of geekphoria. Delusions of grandure and all that shit. Strike out, code, code lots. Decide to make something easy and make it. I sugested the search engine before, but, maybe a news system, link management system. Anything, just code something and you will learn a lot. Make yourself add features to it. Do not shy away from something because you do not know how to do it. Decide, that is what you want to do, look up how to do it or someone who did something like it. _________________________ My New site OpenEyes
Top

Previous Topic

Index

Next Topic

Hop to:

Moderator: §intå×, Gremelin

Featured Member

HighLander

Registered: 03/07/02
Posts: 270

Forum Stats

2198 Members
46 Forums
24841 Topics
60011 Posts

Max Online: 1567 @ 04/25/10 10:20 AM