Just wondering if anyone can reccomend a Member Login forum written in php. I want a very clean coded version so it will help me learn php.

Don't really care about what neat features it has, just something that would be easy to expand on.

Anyone point me in the right direction?

:battery: <-- wtf is that here for? lol

you can find a bunch of things in the links on this page:

http://www.kirupaforum.com/forums/showthread.php?s=&threadid=13932


daydreamgraphics.com has a login script and stuff as well...

Dang, I went to all of those pages, so far all of them require MySQL.... Something I don't have on my server. Does anyone know of a good script?

Maybe I will just end up paying for a MySQL database.. They are additional to most hosts, right? I know some allow certain amount of MySQL Databases, however, I am not familiar with them.

hmm, i think you can find many web hosting company's that include mySQL, maybe think about changing. i love ipowerweb

Ok, I guess I do have mysql on it, lol... Php is hard to configure!

http://www.kirupa.com/web/testphp.htm

Hey Jubba -

Remember that login thing I was working on before? I abandoned the flash5 tut from flash-db.com and started a fresh one. Well, the new one I made works perfectly. And it only uses three frames!! I even wrote the PHP myself (and it worked?!)

Are there enough people asking for login stuff for me to write a tutorial for it? Can I write a tut for it? I've searched all over the net for a login script that uses Flash MX, PHP, and MySQL that uses both a name AND a password and can't find one anywhere.

You can see what I've done here:
http://freddythunder.com/test/newlogin.html
username='testone'
userpassword='testtwo'

Tell me what you think!!:beam:

I'd love to see a tute on it :)

Okay, how about this:

http://www.freddythunder.com/kirupa/logintut.htm

:?

Dude, excellent :) Great job, I could really use this!

Thanks man!! You may want to check it again, I had to add the actions for the 'back button' and change a couple things...I forgot. Glad you like it!!

The only bad thing is that if you refresh the page it takes you back to the login. Try using session variables or cookies to keep the session.

Yeah, I have no idea how to do that. I just made this so people could have a real simple, cut and dry, auth system that can be upgraded. I suppose you would just use setCookie, huh? Maybe I do know - or remember reading it. I just started in PHP and the two weeks of frustration I went through trying to get this (the old one) to work is something I wouldn't wish on an enemy, ya know?

But thanks for the input DP- I had never thought of that as a problem - matter of fact, before I put in the back button, thats how I reset it!!! :crazy:

I don't know PHP at all! I'm an ASP guy but in ASP it is easy as going session("checkVar") = "Loggedin" or whatever you want it to set.

You know, in hind sight, that's something you could do with PHP that the login movie would be on. The example I have in the post above isn't HTML or PHP, it's just SWF. So, you could put that SWF in a PHP file that sets a cookie that expires and also reads for it. If it finds that cookie, then it will print a variable that you could have a onEnterFrame search for on the first frame that would immediately direct the movie to frame 2...would that work?

[edit]just read your post Okay - I think that would be the same as I just said in PHP, but I'm not sure...:\

That woudl work but it would be easily hackable. Also, speaking of that I hope you are doing your password storing outside the SWF file and that the SWF Vars and PHP Vars aren't the same. If they are then I could crack your login in about 3 minutes using an SWF decompiler.

Well, the vars between the two are not the same in my client's auth system, and all the usernames and passwords are stored in a MySQL database.

I also have this in the first paragraph of the tut:


This tutorial will show you the basics on how to authenticate in Flash. It is not a totally web secure system (SSL), however, all your information will be in SWF movie, the scripts will be in PHP, and the usernames and password are in a database. That way, no information is easily obtained.

You know that authentication systems are like car alarms - it doesn't mean your car can't be stolen. This is just a base to help others learn PHP - basically, it's what I wished I could find when I started this project.

BTW, how would you see a PHP script? It's processed by the server, right? That way you would either have to hack my database or my server, right? If anything, I could add in an md5 for (superbasic) encryption, or then just use SSL.

Regaurdless, it doesn't really matter that much, this little system isn't for the Pentagon..:P

Yea, hack the server. It is very easy with an ftp login access point. You can just use a brute force cracker to break it.

For some reason, I have to have all my stuff like ubber secure, it is just a little game I play with myself. Good job with this man it sounds like you got it all tied up.

DP could u explain what a swf decompiler is? How could u possibly get information from an swf? not doubting you, just curious.

A SWF Decompiler will actually decompile a SWF file and show you the AS and each movie clip. Basically, everything in the file decoded.

Check out
http://download.com.com/3120-20-0.html?qt=swf+decompiler&tg=dl-2001

Those are a couple of shareware apps that you can check out. Basically, you just go steal the SWF off whatever site you wanna check out and then bring it into that app and it will decompile it for you.

Pretty scurry stuff.

*Digitalosophy can't believe what he saw after he downloaded one of those decompilers and open up a random swf*

omg, omg, omf'in g.

because the prog is a demo, i could only open the 1st 5 frames. and yup, i have all the action script layed out in front of me. not only is this insane, but it outragous. you could very easily open someoen's swf and pretty much copy and paste their code.

this also proves that it is redicluosly unsafe to keep passwords within flash.

not to beat it to death, but i really can't believe this, i think i want to throw up. there has to been sometype of securty patch for this

DP thank you for this information.

LOL! yea, its pretty scurry. Flash is open-source even if you don't think it is. haha

Now, go decrypt bit-101.com or billybussey.com and see how they do things! :p:

Spooky. Yeah, all the usernames and passwords are in a sql database (just wanna say that again)..
:-\

:cool:

See you do learn something new everyday!

samba_7