budaktaktahu
02-27-2012, 05:02 AM
i need Master to fix my problem..
i want make Secure To My Page..
But I don't know how to coding it...
I give you my script code..
Login.php
<?php
session_start();
include("passwords.php");
if ($_POST["ac"]=="log") { /// do after login form is submitted
if ($USERS[$_POST["username"]]==$_POST["password"]) { /// $USERS array
$_SESSION["logged"]=$_POST["username"];
} else {
echo 'Incorrect username/password. Please, try again.';
};
};
if (array_key_exists($_SESSION["logged"],$USERS)) { //// check if user is logged or not
echo "You are logged in."; //// if user is logged show a message
} else { //// if not logged show login form
echo '<form action="donatealatan.php" method="post"><input type="hidden" name="ac" value="log"> ';
echo 'Username: <input type="text" name="username" /><br />';
echo 'Password: <input type="password" name="password" /><br />';
echo '<input type="submit" value="Login" />';
echo '</form>';
};
?>
Logout.php
<?php
session_start(); //Start the current session
session_destroy(); //Destroy it! So we are logged out now
header("location:login.php?msg=Successfully Logged out"); // Move back to login.php with a logout message
?>
passwords.php
<?php
$USERS["admin123"] = "admin123";
$USERS["username2"] = "password2";
$USERS["username3"] = "password3";
function check_logged(){
global $_SESSION, $USERS;
if (!array_key_exists($_SESSION["logged"],$USERS)) {
header("Location: login.php");
};
};
?>
And This My Page..And how to make my page is secure?
donatealatan.php
<head>
<style type="text/css">
.style1 {
font-family: Castellar;
color: #00FF00;
}
.style2 {
color: #FF0000;
}
.style3 {
color: #0000FF;
}
.style5 {
color: #00FF00;
}
.style6 {
text-align: center;
}
</style>
</head>
<body style="background-color: #000000">
<div class="style6">
<span class="style3">
<br></span><span class="style1">Donasi Alatan Gear</span><br>
<span class="style2">Sila Masukan Nama Pemain Kemudian Tekan Butang Donasi</span>
</div>
<form enctype="multipart/form-data" action="donatealatan.php" method="POST">
<div class="style6">
<span class="style3">Nama Pemain Dan Posisi Item Tersebut<br>
(Pemain Hendaklah Memakai Item Tersebut)</span><span class="style5"><br>
Nama Pemain : <input type="text" name="id" style="width: 169px"><br />
Posisi Item :</span> <input type="text" name="il" style="width: 171px"><br>
<label id="Label1"></label><br>
<span class="style3">Item Yang Hendak Diubah</span><span class="style5"><br>
Magic3 :</span></span> <span class="style5"> <input type="text" name="ie" style="width: 171px"><br />
Tahap F-Soul :</span></span> <span class="style5"> <input type="text" name="if" style="width: 171px"><br />
Serangan Bumi : </span> </span> <span class="style5"><input type="text" name="ig" style="width: 171px"><br />
Serangan Air : </span> </span> <span class="style5"><input type="text" name="ih" style="width: 171px"><br />
Serangan Api :</span> </span> <span class="style5"><input type="text" name="ii" style="width: 171px"><br />
Serangan Udara : </span> </span> <span class="style5"><input type="text" name="ij" style="width: 171px"><br />
Special Effect :</span></span> <span class="style5"> <input type="text" name="ik" style="width: 171px"><br />
</span>
<input type="submit" name="edit" value="Donasi" style="width: 225px"><br>
</div>
</form>
<br>
<?
$location = '127.0.0.1';
$database = 'my';
$username = 'root';
$password = 'test';
$conn = mysql_connect("$location","$username","$password");
if (!$conn) die ("Could not connect MySQL");
mysql_select_db($database,$conn) or die ("Could not open database");
if(isset($_POST['edit']))
{
$sid = addslashes($_POST['id']);
$sie = addslashes($_POST['ie']);
$sif = addslashes($_POST['if']);
$sig = addslashes($_POST['ig']);
$sih = addslashes($_POST['ih']);
$sii = addslashes($_POST['ii']);
$sij = addslashes($_POST['ij']);
$sik = addslashes($_POST['ik']);
$sil = addslashes($_POST['il']);
mysql_query("update cq_item set magic3='$sie', warghostexp='$sif', eudemon_attack1='$sig', eudemon_attack2='$sih', eudemon_attack3='$sii', eudemon_attack4='$sij', special_effect='$sik' where position='$sil' and forgename='$sid'") or die (mysql_error());
echo '<font color=red size=6>Tahniah!Item Donasi Telah Dimasukan,Sila Login Semula</font><br>';
}
?>
<center><p><a href="logout.php">Logout</a></p></center>
</body>
</html>
<script language=JavaScript> var message="Error!"; function clickIE4(){ if (event.button==2){ alert(message); return false; } } function clickNS4(e){ if (document.layers||document.getElementById&&!document.all){ if (e.which==2||e.which==3){ alert(message); return false; } } } if (document.layers){ document.captureEvents(Event.MOUSEDOWN); document.onmousedown=clickNS4; } else if (document.all&&!document.getElementById){ document.onmousedown=clickIE4; } document.oncontextmenu=new Function("alert(message);return false") </script>
i want make Secure To My Page..
But I don't know how to coding it...
I give you my script code..
Login.php
<?php
session_start();
include("passwords.php");
if ($_POST["ac"]=="log") { /// do after login form is submitted
if ($USERS[$_POST["username"]]==$_POST["password"]) { /// $USERS array
$_SESSION["logged"]=$_POST["username"];
} else {
echo 'Incorrect username/password. Please, try again.';
};
};
if (array_key_exists($_SESSION["logged"],$USERS)) { //// check if user is logged or not
echo "You are logged in."; //// if user is logged show a message
} else { //// if not logged show login form
echo '<form action="donatealatan.php" method="post"><input type="hidden" name="ac" value="log"> ';
echo 'Username: <input type="text" name="username" /><br />';
echo 'Password: <input type="password" name="password" /><br />';
echo '<input type="submit" value="Login" />';
echo '</form>';
};
?>
Logout.php
<?php
session_start(); //Start the current session
session_destroy(); //Destroy it! So we are logged out now
header("location:login.php?msg=Successfully Logged out"); // Move back to login.php with a logout message
?>
passwords.php
<?php
$USERS["admin123"] = "admin123";
$USERS["username2"] = "password2";
$USERS["username3"] = "password3";
function check_logged(){
global $_SESSION, $USERS;
if (!array_key_exists($_SESSION["logged"],$USERS)) {
header("Location: login.php");
};
};
?>
And This My Page..And how to make my page is secure?
donatealatan.php
<head>
<style type="text/css">
.style1 {
font-family: Castellar;
color: #00FF00;
}
.style2 {
color: #FF0000;
}
.style3 {
color: #0000FF;
}
.style5 {
color: #00FF00;
}
.style6 {
text-align: center;
}
</style>
</head>
<body style="background-color: #000000">
<div class="style6">
<span class="style3">
<br></span><span class="style1">Donasi Alatan Gear</span><br>
<span class="style2">Sila Masukan Nama Pemain Kemudian Tekan Butang Donasi</span>
</div>
<form enctype="multipart/form-data" action="donatealatan.php" method="POST">
<div class="style6">
<span class="style3">Nama Pemain Dan Posisi Item Tersebut<br>
(Pemain Hendaklah Memakai Item Tersebut)</span><span class="style5"><br>
Nama Pemain : <input type="text" name="id" style="width: 169px"><br />
Posisi Item :</span> <input type="text" name="il" style="width: 171px"><br>
<label id="Label1"></label><br>
<span class="style3">Item Yang Hendak Diubah</span><span class="style5"><br>
Magic3 :</span></span> <span class="style5"> <input type="text" name="ie" style="width: 171px"><br />
Tahap F-Soul :</span></span> <span class="style5"> <input type="text" name="if" style="width: 171px"><br />
Serangan Bumi : </span> </span> <span class="style5"><input type="text" name="ig" style="width: 171px"><br />
Serangan Air : </span> </span> <span class="style5"><input type="text" name="ih" style="width: 171px"><br />
Serangan Api :</span> </span> <span class="style5"><input type="text" name="ii" style="width: 171px"><br />
Serangan Udara : </span> </span> <span class="style5"><input type="text" name="ij" style="width: 171px"><br />
Special Effect :</span></span> <span class="style5"> <input type="text" name="ik" style="width: 171px"><br />
</span>
<input type="submit" name="edit" value="Donasi" style="width: 225px"><br>
</div>
</form>
<br>
<?
$location = '127.0.0.1';
$database = 'my';
$username = 'root';
$password = 'test';
$conn = mysql_connect("$location","$username","$password");
if (!$conn) die ("Could not connect MySQL");
mysql_select_db($database,$conn) or die ("Could not open database");
if(isset($_POST['edit']))
{
$sid = addslashes($_POST['id']);
$sie = addslashes($_POST['ie']);
$sif = addslashes($_POST['if']);
$sig = addslashes($_POST['ig']);
$sih = addslashes($_POST['ih']);
$sii = addslashes($_POST['ii']);
$sij = addslashes($_POST['ij']);
$sik = addslashes($_POST['ik']);
$sil = addslashes($_POST['il']);
mysql_query("update cq_item set magic3='$sie', warghostexp='$sif', eudemon_attack1='$sig', eudemon_attack2='$sih', eudemon_attack3='$sii', eudemon_attack4='$sij', special_effect='$sik' where position='$sil' and forgename='$sid'") or die (mysql_error());
echo '<font color=red size=6>Tahniah!Item Donasi Telah Dimasukan,Sila Login Semula</font><br>';
}
?>
<center><p><a href="logout.php">Logout</a></p></center>
</body>
</html>
<script language=JavaScript> var message="Error!"; function clickIE4(){ if (event.button==2){ alert(message); return false; } } function clickNS4(e){ if (document.layers||document.getElementById&&!document.all){ if (e.which==2||e.which==3){ alert(message); return false; } } } if (document.layers){ document.captureEvents(Event.MOUSEDOWN); document.onmousedown=clickNS4; } else if (document.all&&!document.getElementById){ document.onmousedown=clickIE4; } document.oncontextmenu=new Function("alert(message);return false") </script>