473,320 Members | 1,865 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

Some simple security

Hi,

I want to be able to add some simple security to one of my pages, basically
my page allows users to submit a text field which gets parsed into MySQL db
and displayed on other pages. At the moment anyone can submit text which
opens the page to abuse. I don't want to implement a user login system. I
had envisaged the addition of a password entry box which the Submit button
checks against the db before proceeding, so if any user has the correct
password then they can submit.

Having never done password stuff before, could somebody please point me in
the right direction?

Also, if I have the config data to connect to the mysql db in a PHP file on
my server, can anybody just open it?

Thanks

Neal
Mar 29 '06 #1
1 1198
d
"Neal Middlemore" <ne**************@tbaesystems.com> wrote in message
news:44**********@glkas0286.greenlnk.net...
Hi,

I want to be able to add some simple security to one of my pages,
basically my page allows users to submit a text field which gets parsed
into MySQL db and displayed on other pages. At the moment anyone can
submit text which opens the page to abuse. I don't want to implement a
user login system. I had envisaged the addition of a password entry box
which the Submit button checks against the db before proceeding, so if any
user has the correct password then they can submit.

Having never done password stuff before, could somebody please point me in
the right direction?
You should use the <input type="password"> form input, and POST the data
(not GET) back to the form. Check the password field with your stored
password, and you know whether the user is cool or not :)
Also, if I have the config data to connect to the mysql db in a PHP file
on my server, can anybody just open it?
As long as the server isn't configured to allow it to be fed directly to the
user, you'll be safe.
Thanks

Neal


dave
Mar 29 '06 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

4
by: Coldman | last post by:
hi, IIS 5 and 6, IE 5 and 6, simple authentication does the browser send the username and password in clear text on every request after been authenticated?
17
by: scorpion53061 | last post by:
I am seeing way too many connection strings not being properly protected. This morning an indiviual asked me to help him with an unrelated issue and I was shocked to see his password/username of...
17
by: chris.schwalm | last post by:
I would like to first state that I have searched through the archives and found a lot of related material, but am still new enough to javascript that I can't fit all the pieces together yet. So...
1
by: Markus Stehle | last post by:
Hi all! We are planning to provide .net web services to our partners. As I am new to web services technology, I have some questions concerning data exchange and interop. As most of our...
18
by: Vic Spainhower | last post by:
Hello, Can someone tell me why on some computers the following list will fail . I have a user reported that some of the links in the below list will fail and some will work. The ones that fail...
1
by: tomer.ha | last post by:
Hi there, I'd like to send emails from a Python program using Simple MAPI. I've tried this code: http://mail.python.org/pipermail/python-list/2004-December/298066.html and it works well with...
5
by: Oriane | last post by:
Hi, With Asp.net 2.0, when a internet user logs in with a "login authentication form", is the password encrypted when it is sent to the server ? Is is hashed ? Best regards
3
by: musicgold | last post by:
Hi, I am new in XML. But I have done coding in VBA, C, and HTML. I am using VBA to extract data from an xml file. I use Xpathbuilder to generate Xpath queries for my work. However, some Xpath...
5
by: sayeo87 | last post by:
Hi, I am quite new to JSP so please forgive me if I ask really simple things... I am trying to run system commands on the server and display the output on a webpage. This is what I've got: <%@...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
0
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
0
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.