Advanced Php Programming Part 2

Using advanced PHP tricks and methods to create a todo maker, where we can create and manage our todos.

Comments

21 Responses to “Advanced Php Programming Part 2”
  1. Wojciech Glapa says:

    Do not use px, use em.
    But I know, it’s just for the video.

  2. Dan Rizzelo says:

    Actually it's decently written code.. just lacks some proper sanitation
    methods. Never copy someone's work; understand it and move on.. evolution
    of programming is up to you..

  3. tutlage says:

    Text editor called INTYPE

  4. Mustafa Ghafour says:

    I know that and I used it, but it didn't show the same thing as yours. It
    is an array and should be imploded, then echo it

  5. tutlage says:

    Do print_r($error);

  6. Vithushan Kumanan says:

    What IDE are you using?

  7. Roger Keulen says:

    Btw: Your client is always sending the same password, over and over again.
    Doesn't matter if it's plaintext or not….. The ciphertext can also be
    used as the key with the username and IP address.

  8. Augsteyer says:

    I am wondering if it would be better to add the md5 hashing to the
    loginUsers and registerUsers methods in the ManageUsers class. That way we
    would not have to worry about it if we are calling these methods somewhere
    again. Am I correct to think that or would there be a problem? Thanks!

  9. Galih Pratama says:

    Try Sublime Text xD

  10. Reynaldo Borinaga says:

    Hi sir, why is it that every time I refresh my browser it keeps adding the
    same info to my database?

  11. jian su says:

    Thanks, keep it coming

  12. Guccov says:

    Very nice tutorials

  13. medivoadmin says:

    Excellent tut. I would sanitize and trim all data that’s entered into
    fields with Trim() and FILTER_SANITIZE functions. This protects from xss.
    But overall very nice…Thanks

  14. Mustafa Ghafour says:

    How could you print $error with echo even though it's an array? It didn't
    work for me so I used foreach

  15. Roger Keulen says:

    Passwords in plaintext, lol. Why do you want to store a password? Generate
    a Random Key at server and send to client. Client hashes Random Key with
    Password and gives back to server. Server has Random key + Hash of Random
    Key + Password. Now let client do: 10.000x SHA256(RND from server + PW) so
    you can't reverse engineer without using a lot of power and money. This
    has to be done once for every password that can be stored on client in
    cookie. So, it's fairly fast.

  16. Mark Twigg says:

    No, do not use md5 at all! Ever. It's insecure and very easily cracked,
    might as well store passwords in plain text.

  17. Augsteyer says:

    Because the variables are still in the POST and you may not have the check
    that checks if the user already exists in the database programmed (or
    programmed correctly)

  18. DaOrX says:

    I see that you have a lot of bad practices in your code. If you like
    criticism and you want some pointers you could PM me.

  19. Mark Twigg says:

    Hi Aman, great series so far but I'm having problems around the 27-minute
    part where you test the code. 2 things are not happening for me. Firstly no
    errors are being displayed on the login_users.php page (when there are
    errors) and secondly the information isn't being inserted into my database
    but the login.php does refresh? Could you take a look at my code please?

  20. DaOrX says:

    You should use a prepared statement instead. You didn't sanitize the input
    from username. Possibly vulnerable to blind SQL. How it should be done:

        // Bind the username as a parameter instead of building the SQL string
        $stmt = $PDO->prepare("SELECT * FROM users WHERE username = :username");
        $stmt->execute(array(":username" => $username));
        if ($stmt->rowCount() == 1) {
            return $stmt->fetchAll(PDO::FETCH_OBJ);
        } else {
            return $stmt->rowCount();
        }
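
An added example (not part of the tutorial or of any comment above) that pulls together the points raised in comments 8, 10, 16 and 20: hashing inside the ManageUsers methods, a prepared statement for every query, and a uniqueness constraint so a re-posted form cannot insert a duplicate row. It uses PHP's password_hash() in place of the md5 the comments discuss; the two-column users schema, the password column name and the in-memory SQLite database are assumptions made so the script runs on its own.

```php
<?php
// Added example. Class and method names follow comment 8; the schema and the
// in-memory SQLite database are assumptions, not the tutorial's own code.
class ManageUsers
{
    private PDO $db;

    public function __construct(PDO $db)
    {
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $this->db = $db;
    }

    // Hashing lives here, so no caller can forget it or pick a weak hash.
    public function registerUsers(string $username, string $password): bool
    {
        $stmt = $this->db->prepare('INSERT INTO users (username, password) VALUES (:u, :p)');
        try {
            return $stmt->execute([
                ':u' => trim($username),
                ':p' => password_hash($password, PASSWORD_DEFAULT), // salted, slow hash
            ]);
        } catch (PDOException $e) {
            // SQLSTATE 23000 = constraint violation: the username already
            // exists, e.g. because a browser refresh re-posted the form.
            if ($e->getCode() !== '23000') {
                throw $e;
            }
            return false;
        }
    }

    public function loginUsers(string $username, string $password): bool
    {
        $stmt = $this->db->prepare('SELECT password FROM users WHERE username = :u');
        $stmt->execute([':u' => trim($username)]);
        $hash = $stmt->fetchColumn();
        // password_verify() reads the salt from the stored hash and is timing-safe.
        return $hash !== false && password_verify($password, $hash);
    }
}

// Constructed sample data and calls.
$db = new PDO('sqlite::memory:');
$db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT NOT NULL)');
$users = new ManageUsers($db);
var_dump($users->registerUsers('alice', 'correct horse')); // first registration
var_dump($users->registerUsers('alice', 'correct horse')); // same form posted again
var_dump($users->loginUsers("alice' OR '1'='1", 'x'));      // quote stays data, not SQL
var_dump($users->loginUsers('alice', 'correct horse'));    // valid credentials
```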