UGN Security
Posted By: Testing to code or not to code. that is my question! - 10/09/05 02:29 PM
// Ok, so those that have followed and helped me so far understand I'm learning PHP via books and links. Here is my question.

I have been so far learning the fundamentals of PHP, i.e. arrays, variables, how to manipulate arrays, foreach, else, elseif, etc....

I have yet to deal with sessions or cookies. I am wondering whether or not I should begin coding my own projects yet.

I have just basically gotten the basics down and haven't finished my book. Each time I read a new chapter I get new awesome ideas. The examples in the book are lame but show the point they're making nicely. So that's kinda the problem. I'm a bit tired of writing such boring stuff.

Think I should begin writing my own projects or continue learning the fundamentals as I have been so far? Keep in mind I haven't touched the topic of MySQL.

I'm thinking of just doing what I have been doing and getting through the entire book. This way I will be familiar with MySQL and then my projects can really take off. However, if I never start the damn things then all I learn is book work examples and I don't really get to apply the stuff I learn in my own stuff till later.

Part of the problem is I only have time to either learn via the book or work on a project and use the book as reference. I'm leaning toward keeping on the path I'm on.

I dunno, this question comes after 2 Darvocet and a beer, so give me a bit of slack if I'm rambling without making sense!

Whatcha think?


?>


PS, just realized I posted this in the wrong forum.. Should prob be in offtopic. Sorry.

I have experience with cookies. I haven't really delved into sessions yet, but I'll give you what I know about cookies.

First off, you will need to familiarize yourself with setcookie().

For example, if I were to set a cookie for a user that authenticated to a script I wrote, I'd do this:

Code
if (isset($user_variable) && isset($password_variable)) {
    if (is_authenticated()) {
        // Cookie value is "user-hash"
        $cookie_data = $user_variable . "-" . md5(md5($password_variable) . $salt);
        $server_name = $_SERVER['SERVER_NAME'];
        // Arguments: name, value, expiry (0 = until the browser closes), path, domain, secure
        setcookie("cookie_name", $cookie_data, 0, "/", $server_name, FALSE);
    } else {
        not_authenticated();
    }
}

To read from a cookie, let's say named cookie_name, I would do this:
Code
$cookie = $_COOKIE['cookie_name'];
You can then deal with $cookie as the data for the cookie cookie_name.

For example, if I were to want to verify that the password hash sent by a user's browser was valid, like I had done above, I would do this:
Code
$cookie_exploded = explode("-", $cookie);
$password_hash = $cookie_exploded[1];

// Compare the hash from the cookie with the hash computed on the server
if ($password_hash === md5(md5($user_password) . $salt)) {
    is_authenticated();
} else {
    not_authenticated();
}

I know this is somewhat confusing seeing as how I made up functions, so I'll put it into context with a full-fledged script:
Code
<?php

// The salt must exist before any hash is computed
$salt = "98u234ja";

// Named hash_password() because PHP's built-in hash() cannot be redeclared
function hash_password($hash_password)
{
    global $salt;
    return md5(md5($hash_password) . $salt);
}

$allowed_users = array(
    "Ghost" => hash_password("testing123")
);

// Default to empty values so a first visit does not raise undefined-index notices
$user     = isset($_POST['user']) ? $_POST['user'] : null;
$password = isset($_POST['password']) ? $_POST['password'] : "";
$cookie   = isset($_COOKIE['cookie_name']) ? $_COOKIE['cookie_name'] : "";
$server   = $_SERVER['SERVER_NAME'];
$self     = $_SERVER['PHP_SELF'];

// Cookie format is "user-hash"; pad so a cookie without "-" still yields two parts
$cookieexploded  = array_pad(explode("-", $cookie), 2, "");
$user_cookie     = $cookieexploded[0];
$password_cookie = $cookieexploded[1];

function authenticated_function()
{
    global $cookie, $user_cookie, $password_cookie;
    // Cookie values come from the browser, so escape them before output
    echo "You successfully authenticated!" . "<br />";
    echo "User: " . htmlspecialchars($user_cookie) . "<br />";
    echo "Password Hash: " . htmlspecialchars($password_cookie) . "<br />";
    echo "Cookie Value: " . htmlspecialchars($cookie) . "<br />";
}

function authenticated($cookie_user, $cookie_hash)
{
    global $server, $self;
    $cookie_data = $cookie_user . "-" . $cookie_hash;
    // Expire one year from now
    setcookie("cookie_name", $cookie_data, time() + 60 * 60 * 24 * 365, "/", $server, FALSE);
    header("Location: $self");
    exit;
}

function not_authenticated()
{
    echo "Not authenticated, foo.";
}

if (isset($allowed_users[$user_cookie]) && $allowed_users[$user_cookie] === $password_cookie) {

    authenticated_function();

} elseif ($cookie !== "") {

    // A cookie was sent but it does not match a known user and hash
    echo "You failed to authenticate with cookies" . "<br />";

} elseif (isset($user)) {

    if (isset($allowed_users[$user]) && $allowed_users[$user] === hash_password($password)) {
        authenticated($user, hash_password($password));
    } else {
        not_authenticated();
    }

} else {

?>
<html>
<head>
  <title>User Authentication Test</title>
</head>
<body>
  <form action="<?php echo htmlspecialchars($self); ?>" method="post">
   User:<input name="user" type="text" size="25">

   Password: <input name="password" type="password" size="25">

   <input type="submit">
  </form>
</body>
</html>
<?php

}
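
An added example, not part of the original post: the cookie above carries a hash derived from the password, so the cookie value is as good as the password itself and never expires on the server side. The sketch below keeps the same "remember the login in a cookie" idea but signs the user name and an expiry time with a server-side key and stores passwords with password_hash(). The key, function names and user table are hypothetical, and it assumes PHP 7.1 or later.

```php
<?php
// Assumption: in a real deployment the key is random and loaded from configuration.
const COOKIE_KEY = 'constructed-demo-key-not-for-production';

// Build "user|expiry|mac". The MAC covers user and expiry, so neither can be edited in the browser.
function make_token(string $user, int $ttl, int $now): string
{
    $payload = rawurlencode($user) . '|' . ($now + $ttl);
    return $payload . '|' . hash_hmac('sha256', $payload, COOKIE_KEY);
}

// Return the user name for a valid, unexpired token, or null otherwise.
function check_token(string $token, int $now): ?string
{
    $parts = explode('|', $token);
    if (count($parts) !== 3) {
        return null;
    }
    [$user, $expiry, $mac] = $parts;
    $expected = hash_hmac('sha256', $user . '|' . $expiry, COOKIE_KEY);
    if (!hash_equals($expected, $mac)) {          // constant-time comparison
        return null;
    }
    if (!ctype_digit($expiry) || (int) $expiry < $now) {
        return null;                              // malformed or expired
    }
    return rawurldecode($user);
}

// Check the submitted password and issue a one-hour token on success.
function login(array $users, string $user, string $password, int $now): ?string
{
    if (!isset($users[$user]) || !password_verify($password, $users[$user])) {
        return null;
    }
    return make_token($user, 3600, $now);
}

// Constructed user table: password_hash() salts per user and is deliberately slow.
$users = ['Ghost' => password_hash('testing123', PASSWORD_DEFAULT)];

$now   = time();
$token = login($users, 'Ghost', 'testing123', $now);
var_dump(check_token($token, $now));            // token as issued
var_dump(check_token($token . 'x', $now));      // MAC altered
var_dump(check_token($token, $now + 7200));     // checked after expiry
var_dump(login($users, 'Ghost', 'wrong', $now)); // wrong password
// In a web request the token would be sent with setcookie(), with the secure and httponly options set.
```
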
I think you should code as much as you can, experience is experience, and the more you have the better ;) ...
Dude projects are how you learn. I go, "Man I should do ____" and have absolutely no clue how to do it, so I just dive right in, and learn the pieces I need to to make it work. Then the project fails miserably because I didn't plan it very well, but all of a sudden I know a lot more about how I should actually architect a project in addition to all the plumbing I need to make it happen. That's fun [censored].
:nods:

First several projects are sooo frustrating. You fail like the Titanic. Then you succeed. Now you are on top of the world. The feeling of finishing a well coded project.... I have had coke that doesn't compare to the high of geekphoria. Delusions of grandeur and all that [censored].

Strike out, code, code lots. Decide to make something easy and make it. I suggested the search engine before, but, maybe a news system, link management system. Anything, just code something and you will learn a lot. Make yourself add features to it. Do not shy away from something because you do not know how to do it. Decide, that is what you want to do, look up how to do it or someone who did something like it.