Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
Closed 9 years ago.
Improve this question
I have seen log-in pages where the page asks for a random field from your password. For example, enter the second, fifth and first character from your password. And if you refresh the page it will ask for some other random fields.
I have two questions about this:
How do I fetch the length before the user POSTs the password and not ask for fields that do not exist? For example, the password length is a four digit number and the app won't ask for the fifth character.
Is it a good idea to transform the password stored in the database to an array and then check for certain fields in the array? For example, Third character == password[2].
A PHP or Ruby sample implementation will be more than useful.
Thanks.
I'm curious if this validation is being done on the actual password that is being stored in plain text in a database (which would be bad), or if this validation is simply trying to avert bruteforce attacks by having the user validate the password they just entered. Kind of like a captcha. If the later is the case, maybe you could implement something in javascript. Here is a fiddle of something like that.
http://jsfiddle.net/fTPJy/1/
$apparently = 'I have to post code to link to a jsfiddle';
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
Closed 9 years ago.
Improve this question
On my site I have used fb login and I can do it easily for my site. But as we have users fb login id and other details, is it possible to generate facebook login time stamp for user for www.facebook.com.
Something like varifying how many times user performs facebook login and how many times he comes to my site.
or something nearer to this if possible
I don't fully understand what you want to do, if you just want a timestamp for when you receive the response from Facebook then you can just create one on your side of the code using time(). If you want to know anything about the user's login habits beyond you're site then that isn't possible due to privacy reasons I imagine.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
Closed 9 years ago.
Improve this question
In my website users can post submissions, and I want other users to be able to do what would be my equivalent of facebook's "likes".
But I don't know how to implement this. My main problem is that I need to prevent uses from liking the same thing more than once.
I was planning to add a long string into the database entry of each submission, for example "userid:rating/userid:rating/userid:rating". But I think that would be highly inefficient, because I would need to parse the string every time someone presses a button, and if there's lots of ratings then it would have to do a lot of work I think.
Should I make a separate table for ratings globally, and use the submission ID to link them to the right thing, or what? I feel it would be very inefficient to make mysql dig through the whole database and look for all individual rating entries that have a matching ID every time someone opens a submission page...
You create another table: submission_rating. Three columns would suffice: rating, submission_id and user_id.
Someone presses like, you do an an INSERT. But, before you do the insert, you check whether or not this particular user has already liked this submission. If the user has, you remove the like. If it does not, you insert the rating.
edit: As two gentleman below suggested, rather than relying on another check, go for the UNIQUE index. Make sure you catch the error and properly show it when trying to insert. Boldly said, if(!$insert) {}.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
Closed 9 years ago.
Improve this question
I have an application written in php Ver. 3.
The application has a users file with usernames and passwords. The passwords are encrypted using the PASSWORD() function.
We need to transfer this file and utilize it under a system using php 5.
We tried to use the password() function again to check the validity of a password entered by the user, but the encrypted results don't match.
Any ideas?
Thanks.
PHP has never had a PASSWORD() function. If you're talking about the MySQL function, the hashing algorithm was change in MySQL 4.1 (a long time ago). You can use OLD_PASSWORD() to generate password hashes using the old method, or you can set the old_passwords system variable to have MySQL default to it.
In any case you should make arrangements to migrate from the old system to the new one. Since you can't know what the old password was, you'll probably need to code a mechanism to force users to change their passwords and track which version they're using.
The MySQL reference on this is here
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
Closed 9 years ago.
Improve this question
I am not php expert but managed to create self-registration form with captcha which adds users to MySql was very pleased with myself for doing this!!!!
I am now getting bombarded with false hotmail accounts being registered on site for spam or links
I would like to stop this even if just block all hotmail accounts by just adding to php all I can find is 'new' code which no good as uses different variable etc?
If I post my code could anyone add new to do this?
The easiest thing I'd suggest you to do would be to add a new column in your database called 'activation' and automatically set it to 'false', when the user signs up it will send them an email with an activation link, when they click the link it will send them to a page where it will change the value of the column from 'false' to 'true', but add another line in your code to say if it is false they're not allowed to sign in.
Take a look at this website to get a little more about this. You can learn a little more about it and how to restrict certain emails etc...
Also try some JavaScript validation. It should work just the same! Find the basics about JavaScript validation, click here!
Best of luck!
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 8 years ago.
This question appears to be off-topic because it lacks sufficient information to diagnose the problem. Describe your problem in more detail or include a minimal example in the question itself.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
Improve this question
I am fairly new to PHP but am in the process of hacking together a web app focused around gardening. I followed a tutorial and built a registration and login system. I want the user in the app to be able to input additional data at a later date including fields like Postcode/Zip code and the ability for them to select 'Plants' to add to their account. I know how I create the form but I want to know how to add this data to the database so that it corresponds with their account details such as username which are already in the database.
Hopefully you have a column in the users table called 'id' or something similar which auto increments and is unique, this gives you a point of reference for each user.
When the user logs in, using his username and password, you can retrieve this id, and then use it throughout your app when working with the table or other tables that are related (using the id).
So if you were to add/update information in the table you'd use the user's id eg:
UPDATE users SET postcode = 'sg12988' WHERE id = '8374'
You can read more about SQL commands here or here .