Login, Member's area [PHP] [Archive]

View Full Version : Login, Member's area [PHP]

thesleuth

September 12th, 2006, 04:36 AM

I have been creating a login and member's area with a guide
http://php.about.com/od/finishedphp1/ss/php_login_code_6.htm

However I found out that the member's area is not secured enough, if I use online source code viewer (http://website101.com/HTML/HTML_source_viewer.php) on my member's area, I am able to view the contents!

How do I prevent that or are there any other member's area scripts?
Oh and one more mySQL question...

If I have very long text of about 4000 characters, can I store it in my database?
Will there be any disadvantages etc?

Thanks in advance :D

bwh2

September 12th, 2006, 09:35 AM

4000 character text is fine. you can store it in text or blob.

Seb Hughes

September 12th, 2006, 11:06 AM

Yea I am amking somthing and you are able to view the source how do i prevent this you help is much apprciated. I mean the source viewr. Obviously you cant see the php code or database data but any link or somthing. i want it so the source cant be seen.

September 12th, 2006, 01:40 PM

Completely unnecessary.. you don't need to protect your HTML. What exactly do you find to be an issue with a loginscript and view source?

thesleuth

September 13th, 2006, 09:08 AM

Err... well there are certain content which I would like to restrict to only my members and if people who do not want to sign up, they are able to view that content from the source code viewer.

Oh and if a person can view the content in such a way, why is there a need for an authentication.

I hope you get what I mean, thanks :)

skOOb

September 13th, 2006, 09:12 AM

It sounds like everything your site offers is on one page. There should be member and non-member pages.

obiAdmin

September 13th, 2006, 01:44 PM

First off, anyone can read the HTML on any given site. So if you really wanted your members section to only be seen by members, you need to have that PHP file set up to include information only when a member is on it.

<?php
if ( isset( $memberPage ) ){
include ('memberInfo.php');
} else {
include ('nonMemberInfo.php');
}
?>

From here just keep the memberInfo.php and nonMemberInfo.php simple, use echo commands on a variable of text. I hope this will give you some ideas on how to set up your PHP members page a little better.

(-: Raymond

Seb Hughes

September 13th, 2006, 02:13 PM

That work if we check for a cookie? ^

raz

September 13th, 2006, 04:23 PM

That work if we check for a cookie? ^

Yes...

<?php
$cookie = $_COOKIE['foo'];
if ( isset( $cookie ) ){
include ('memberInfo.php');
} else {
include ('nonMemberInfo.php');
}
?>

thesleuth

September 14th, 2006, 05:18 AM

Thanks for all of your help, I've found out a solution using obiAdmin's concept. Thanks once again :D