asp.net - custom authentication to form authentication -

-

Currently, my site contains a table in that database that contains the username and password. There are 2 text boxes and login buttons in front end. Once the user fills that two fields and clicks on the login, it checks that the username and password will match in the database, if so, then they should be included in the interactive site Set in the session variable to check through medium. is it safe? How do I change it to create authentication? I do not want to exclude my login table. Can I still use it if I want to change it to certification? Can someone talk to me or show me how this can be done? Thanks

The standard login using this is:

index.html : 

  & lt; Form action = "login.php" method = "post" & gt; & Lt; Width of table = "100%" range = "0" style = "border-top: 2px solid # ccc; padding-top: 15px;" & Gt; & Lt; TR & gt; & Lt; Td> & Lt; input type = "text" class = "text_box" placeholder = "user" name = "user" id = "user" & gt; & Lt; / Td> & Lt; / TR & gt; & Lt; TR & gt; & Lt; Td> & Lt; Input type = "password" class = "text_box" placeholder = "contracease ± A" name = "pass" id = "pass" & gt; & Lt; / Td> & Lt; / TR & gt; & Lt; TR & gt; & Lt; TD & gt; & Lt ;? Php show_message (); ? & Gt; & Lt; Input type = "submit" value = "indicer" class = "button_submit" & gt; & Lt; / TD & gt; & Lt; / TR & gt; & Lt; / Table & gt; & Lt; / Form & gt;   
 and php ...  
  & lt ;? Php if (isset ($ _ POST ["user"]) & amp; amp;; isset ($ _POST ["pass"])) {Include ('conect_to_database.php'); $ User = $ _POST ["user"]; $ Pass = $ _POST ["pass"]; If (! Filter_var ($ _ POST ["user"], FILTER_VALIDATE_EMAIL)) {// is not a valid email ... back to the form header ('location: index.php'); Go out(); } $ Query = "User SELECT id where user =? And pass =? LIMIT 1"; $ Stmt = $ mysqli- & gt; Ready ($ query); $ Stmt-> Tie-up ("ss", $ user, $ pass); $ Stmt- & gt; Executed (); $ Stmt- & gt; Bind_result ($ id); While ($ stmt-> fetch ()) // Set your session variable header ('location: ../../control_panel.php'); Go out(); } // Invalid user echo ... sends back the form header ('location: index.php'); }? & Gt;   
 I also recommend checking the special characters in both the user and password.  
 In addition, you should never store a password in your database. You must store a hash of the real password using special algorithms.

Comments

Post a Comment

Popular posts from this blog

php - PDO bindParam() fatal error -

-
I am trying to learn PDO, now I have written this small code, but it gives me a serious error: Fatal error: Call a member function at a non-object dot () ... $ con = new mysqli ("127.0.0.1", "root", "", "csvdangercheck"); $ Query = $ con- & gt; ("Id,` var1`, `var2`) values ​​(" id,: var1,: var2) ";); $ query- & gt; bypass pattern (': id', $ id); $ query- & gt; BindParam (': var1', $ VAL1); $ Query- & gt; bindParam (': var2', $ val2); $ Query-> Executed (); I Trying to use print_r ($ con-> errorInfo ()) but Fatal error: Undefined method mysqli :: errorInfo ( ) ... can someone tell me what am I missing? Flaffeh said, you have PDO Missing Mysqy, try it: $ con = new PDO ('mysql: host = 127.0.0.1; dbname = csvdangercheck', 'root', '');
Read more

php - How can I cram 6+31 numeric characters into 22 alphanumeric characters? -

-
I have a 6 digit number and a 31-digit number (such as "234536" and "201103231043330478311223582826") that I The API needs to be crawled in the same 22-character alphanumeric field that uses PHP. I tried to convert each one to 32 (using custom code could not handle the base_convert () large number) and to connect with a single-character delimiter, but It only gives me 26 characters This is a restore API, so the letters should be URI-protected. I would like to do a database table cross with two references without reference to another reference value, if possible, any suggestions? Instead use a radix of 62. This will give you 22 characters for the top, 3.35 for the pre and 17.3 for the next. & gt; & Gt; & Gt; Math.log (10 ** 6) /math.log (62) 3.3474826039165504 & gt; & Gt; & Gt; Math.log (10 ** 31) /math.log (62) 17.295326786902177
Read more

logging - How can I log both the Request.InputStream and Response.OutputStream traffic in my ASP.NET MVC3 Application for specific Actions? -

-
For a specific set of tasks, I need to log in to the incoming request inputstream as well as outgoing response. is. I am using an ActionFilterAttribute for this and overriding the OnActionExecuted and OnResultExecuted methods. So I'm starting with this idea ... Public category ActionLoggerAttribute: ActionFilterArrbit {Public Override Zero On-Offed Execution (ActionActioned Contact Filter Filter) {base.OnActionAxecuted (FilterContext); HttpRequestBase request = filterContext.HttpContext.Request; // TODO: Log the request. InputStream} Public Override Zero OnResultExecuted (ResultExecutedContext FilterContext) {base.OnResultExecuted (filterContext); HTTPRPSPointBase Response = FilterContacts Hpptex response; // TODO: Log on Response.OutputStream}} Ideally I'll hook it up with enterprise library logging because I'm already using it for error logging. Am I reaching the input and output stream at the right time? Can I easily use the Enterprise Library to log i...
Read more