|
| |
|
|
All times are GMT + 7 Hours
|
|
form login paling secure...
 |
Mon Jun 07, 2010 12:36 |
 |
 Author |
Message |
atkinson
PHP Master
Joined: 28 Feb 2010
Posts: 255
Location: /home/night
|
| Post subject: form login paling secure... |
 |
|
master,, menurut kalian semua ... gmana script login paling secure...?
_________________
samarinda web developer http://onewebstudio.com |
|
| |
|
|
|
Mon Jun 07, 2010 15:11 |
|
| Author |
Message |
huben92
PHP Programmer
Joined: 12 Nov 2009
Posts: 56
Location: Indonesia
|
| Post subject: |
|
|
| pake ssl |
|
| |
|
|
|
Mon Jun 07, 2010 20:21 |
|
| Author |
Message |
atkinson
PHP Master
Joined: 28 Feb 2010
Posts: 255
Location: /home/night
|
| Post subject: |
|
|
jiah bukan itu.. script nya... buat login page.. misa penggunan regex tertentu atau gimana gitu..
_________________
samarinda web developer http://onewebstudio.com |
|
| |
|
|
|
Wed Jun 23, 2010 18:15 |
|
| Author |
Message |
rrcp1992
PHPnewbie
Joined: 23 Jun 2010
Posts: 8
Location: Pangkalpinang, Bangka
|
| Post subject: |
|
|
Ya. Bisa pake regex atau fungsi misalnya : mysql_real_escape_string, stripslashes,htmlspesialchars,strip_tags....
 |
|
| |
|
|
|
Mon Jun 28, 2010 10:04 |
|
| Author |
Message |
dimas priyasmito
PHPnewbie
Joined: 18 Feb 2010
Posts: 15
|
| Post subject: |
|
|
| Bener tuh kata master di atas.. Saya lebih prefer pake html special char.. Soalnya tag" spesial character jd ga masuk.. |
|
| |
|
|
|
Sun Jul 11, 2010 13:44 |
|
| Author |
Message |
fiyan
PHPnewbie
Joined: 07 Nov 2009
Posts: 7
Location: bandung
|
|
| |
|
|
|
Sat Jul 17, 2010 18:43 |
|
| Author |
Message |
musicanda
PHP Master
Joined: 02 Jun 2010
Posts: 263
Location: Rumahnya Angeline
|
| Post subject: |
|
|
| pake fungsi mysql_real_escape_string, untuk meminimalisir sql injectio... :) |
|
| |
|
|
|
Sat Jul 17, 2010 20:30 |
|
| Author |
Message |
andriant
Jagoan PHP
Joined: 31 Mar 2010
Posts: 911
Location: Jakarta
|
| Post subject: |
|
|
mmmh yang kepikiran sih
usernamenya cuma bisa A..Z,0..9,_,-
passwordnya sebelum dikirim via SQL, di MD5 dulu :D
bedain antara frontend n backend kaya joomla
_________________
Lagi Boker, Makan, Mau Tidur, Coding jangan lupa baca:
PHP Manual -> http://php.net/download-docs.php
MySQL Manual -> http://dev.mysql.com/doc/ |
|
| |
|
|
|
Sun Jul 18, 2010 07:41 |
|
| Author |
Message |
atkinson
PHP Master
Joined: 28 Feb 2010
Posts: 255
Location: /home/night
|
| Post subject: |
|
|
@dimas : html spcial char itu klu dijalankan simbol2 macam "<" jdi ga fungsi ya?
@musicanda : mysql_real_escape_string... bisa sedikit dijelasin? hehehe
@andriant : frontend backend itu apa?
kllu selama ini sya cuma pake algoritma sederhana macam mengganti semua tanda "<" menjadi tanda "[" sehingga tag2 html ga mempan, tppi klu sql injection ini yg gimana... *soalnya belum pernah liat dampak nyatanya..
_________________
samarinda web developer http://onewebstudio.com |
|
| |
|
|
|
Mon Jul 19, 2010 06:47 |
|
| Author |
Message |
andriant
Jagoan PHP
Joined: 31 Mar 2010
Posts: 911
Location: Jakarta
|
| Post subject: |
|
|
frontend, kita bisa langsung login melalui root home page kita / halaman depan... (/index.php?do=login)
kalo backend kita musti akses melalui direktori tertentu dulu baru bisa dapet special grant. (/administrator/login.php) <- folder bisa diganti2 biar bingungin orang isenk
_________________
Lagi Boker, Makan, Mau Tidur, Coding jangan lupa baca:
PHP Manual -> http://php.net/download-docs.php
MySQL Manual -> http://dev.mysql.com/doc/ |
|
| |
|
|
|
Mon Jul 19, 2010 07:20 |
|
| Author |
Message |
atkinson
PHP Master
Joined: 28 Feb 2010
Posts: 255
Location: /home/night
|
|
| |
|
|
|
Mon Jul 19, 2010 07:31 |
|
| Author |
Message |
andriant
Jagoan PHP
Joined: 31 Mar 2010
Posts: 911
Location: Jakarta
|
| Post subject: |
|
|
itu kan bahasanya joomla mas bro  |
|
| |
|
|
|
Mon Jul 19, 2010 21:30 |
|
| Author |
Message |
musicanda
PHP Master
Joined: 02 Jun 2010
Posts: 263
Location: Rumahnya Angeline
|
| Post subject: |
|
|
mas atkinson...
gini mas kita tahu kan biasanya sql injektiozion, dilakukan lewat form login misalnya..username,password...
untuk mnecegahnya kita pake fungsi itu, sql injekstiozion biasanya menambhakan tanda petik " ' ", jadi pake fungsi itu dapat dijadikan string, tambhkn backslah, sehingga username dan password yg di kirim ke eskiql kueri, setidaknya amanz...
gitu mas.. kurang lebihnya mohon sowryyy...  |
|
| |
|
|
|
Mon Jul 19, 2010 21:53 |
|
| Author |
Message |
atkinson
PHP Master
Joined: 28 Feb 2010
Posts: 255
Location: /home/night
|
| Post subject: |
|
|
oke2.. ada pencerahan... tambah satu lagi benteng login ku.. :bigmsile
_________________
samarinda web developer http://onewebstudio.com |
|
| |
|
|
|
Sat Aug 07, 2010 08:32 |
|
| Author |
Message |
indra96
PHPuser
Joined: 07 Aug 2010
Posts: 33
Location: Yogyakarta
|
| Post subject: |
|
|
joss pakde
_________________
Badhe nderek sinau PHP |
|
| |
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Page 1 of 2
Goto page 1, 2 Next |
|
|
|
PHP Security 
