oleczek381 Posted October 12, 2013 Posted October 12, 2013 Hello, can anyone tell me how to make something that you can create an account on the website? My friend is doing RP server and he wanted me to help him with that. Thanks!
Chopper Posted October 12, 2013 Posted October 12, 2013 You can do that with PHP. an HTML form, to insert the data into, a PHP script to get the data out of it and insert it to a mysql database.
oleczek381 Posted October 12, 2013 Author Posted October 12, 2013 Chopper, could you give me instruction + code how to do this?
Chopper Posted October 12, 2013 Posted October 12, 2013 <?php if (isset($_POST['submitb'])) { //If the submit button was pushed $username = $_POST['username']; //Lets get the HTML Info $password = $_POST['password']; //config $db_host = "localhost"; $db_user = "root"; $db_pass = "your password"; $db_name = "your database name"; $kapcs = mysql_connect($db_host,$db_user,$db_pass); mysql_select_db($db_name); $query = "INSERT INTO users (username,password) VALUES('$username','$password')"; //Inserting data to db. $doquery = mysql_query($query,$kapcs); print "Registration Successful.<br>"; //Successful registration. header('refresh:3;url=index.php'); //Redirect to index.php in 3 seconds. } } else { //Print the original HTML Form you are using. print '<form method="POST" ACTION="">'; print '<input type="text" size="30" name="username" maxlength="32" placeholder="Username"><br><br>'; print '<input type="password" size="30" name="password" maxlength="32" placeholder="Password"><br><br>'; print '<input type="submit" value="Register!" name="submitb">'; print '</form>'; } ?>
myonlake Posted October 12, 2013 Posted October 12, 2013 Remember to apply some way of stripping slashes and an encryption for the passwords - otherwise no one will join your server if you have none.
Chopper Posted October 12, 2013 Posted October 12, 2013 Remember to apply some way of stripping slashes and an encryption for the passwords - otherwise no one will join your server if you have none. Exactly what he is saying, forgot to add that. Use md5, sha1, or even sha256.
oleczek381 Posted October 12, 2013 Author Posted October 12, 2013 Choppah' ya are the best, thank ya!
myonlake Posted October 12, 2013 Posted October 12, 2013 Remember to apply some way of stripping slashes and an encryption for the passwords - otherwise no one will join your server if you have none. Exactly what he is saying, forgot to add that. Use md5, sha1, or even sha256. Or forget MD5 and SHA1, which both can be brute-forced in one day, or even in a few hours if you have enough GPU power and cores. I suggest using SHA256 or then just make a strong algorithm mix-up of your own, for example, a little bit of SHA, a little bit of something else, a random salt generator and such.
Chopper Posted October 12, 2013 Posted October 12, 2013 Tbh no point in securing it that much, if there is no vulnerability to access the DB[sqli].
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now