Haunted Dawg Posted March 2, 2008 Posted March 2, 2008 Hey I thought I'd make this because alot of people are just posting some that dont work and some that they never made. Create a file stafflogin.php and put this in it: You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. Now so that they cant get passed your staff.php add this to your smenu.php: You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. Add that close to the top of your smenu.php. Thanks and i hope you appreciate it. Quote
Krafty Posted March 2, 2008 Posted March 2, 2008 Re: Staff Password without sql's. (ANY VERSION) Nice work killah... Quote
Arkvoodle` Posted March 2, 2008 Posted March 2, 2008 Re: Staff Password without sql's. (ANY VERSION) Allthough this works in a way, I can still enter staff.php in the URL and gain entrance without putting in the Password. Please can you fix this? I woul love to use it. Quote
Isomerizer Posted March 2, 2008 Posted March 2, 2008 Re: Staff Password without sql's. (ANY VERSION) Allthough this works in a way, I can still enter staff.php in the URL and gain entrance without putting in the Password. Please can you fix this? I woul love to use it. Place You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. in staff.php ? Quote
Godhand Posted March 3, 2008 Posted March 3, 2008 Re: Staff Password without sql's. (ANY VERSION) That looks like it should Quote
Arkvoodle` Posted March 3, 2008 Posted March 3, 2008 Re: Staff Password without sql's. (ANY VERSION) Yes I put that in staff.php and smenu.php and I can still get in via URL. Quote
Arkvoodle` Posted March 3, 2008 Posted March 3, 2008 Re: Staff Password without sql's. (ANY VERSION) It's ok now, thanks. This works great =D Quote
Haunted Dawg Posted March 3, 2008 Author Posted March 3, 2008 Re: Staff Password without sql's. (ANY VERSION) If you install it properly it will work properly... Updated version below: Stafflogin.php: You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. smenu.php code: You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. This updated code i guess you can give each userlevel a different password. If your clever enough you can even give each user a different password by changing the if statements. Quote
Danny Posted March 4, 2008 Posted March 4, 2008 Re: Staff Password without sql's. (ANY VERSION) v1 Quote
Krafty Posted March 4, 2008 Posted March 4, 2008 Re: Staff Password without sql's. (ANY VERSION) v1 is the same thing only that you need to change the include("globals.php"); to session start...etc.. Quote
Spudinski Posted April 10, 2008 Posted April 10, 2008 Re: Staff Password without sql's. (ANY VERSION) A problem I can already see that will happen with some passwords they might choose. You really do not have to clean strings that are going to be compared with variables/plaintext. Quote
BradBoy08 Posted April 10, 2008 Posted April 10, 2008 Re: Staff Password without sql's. (ANY VERSION) You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. smenu.php: You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. }[/code] Quote
Guest Anonymous Posted April 10, 2008 Posted April 10, 2008 Re: Staff Password without sql's. (ANY VERSION) Why not use a <dot>htpasswd file ? No point in writing silly amounts of code when a single line file will suffice.. :) Quote
Spudinski Posted April 10, 2008 Posted April 10, 2008 Re: Staff Password without sql's. (ANY VERSION) I agree Whit Nyna, it would be much better that way. And when you decide you want to make it with password from a mysql table, you just combine the both, php has some nice functions to work Whit apache authentication methods. Quote
iR00T Posted May 23, 2008 Posted May 23, 2008 Re: Staff Password without sql's. (ANY VERSION) You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. smenu.php: You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. }[/code] THIS DOSENT WORK OR I DID THE ADD THIS if($_SESSION['stafflogin'] == 0) { header('location: stafflogin.php'); wrong cause idk can someone tell me wher o add if($_SESSION['stafflogin'] == 0) { header('location: stafflogin.php'); at in smenu.php?????? Quote
Guest Anonymous Posted May 23, 2008 Posted May 23, 2008 Re: Staff Password without sql's. (ANY VERSION) [me=Nyna]sighs[/me] Quote
Zero-Affect Posted May 24, 2008 Posted May 24, 2008 Re: Staff Password without sql's. (ANY VERSION) quite clever mate so sql but why not add selected pw for ips abit of editing needed obviously but only some ips can access staff panel all-togever then if someone have ur staff pw then fuck 'em they can't get in lol unless there like nyna and can manipulate header into believing they are running someone elses ip has i have seen her boost about before which is kinda cool nyna you should let me in on that lol sounds like fun Quote
Guest Anonymous Posted May 24, 2008 Posted May 24, 2008 Re: Staff Password without sql's. (ANY VERSION) You should no better than to ask ;) But the restricted access based on IP is a good if simple trick. Can be easily done with <dot>htaccess and <dot>htpasswd combinations. There are limitations to this however - the HTTP protocol whilst ratified by the major browser manufacturers, was not in fact followed by them in certain places - so make sure you read the relevant RFCs before implementing security at web-server level. Quote
Joel Posted May 25, 2008 Posted May 25, 2008 Re: Staff Password without sql's. (ANY VERSION) You should no better than to ask ;) But the restricted access based on IP is a good if simple trick. Can be easily done with <dot>htaccess and <dot>htpasswd combinations. There are limitations to this however - the HTTP protocol whilst ratified by the major browser manufacturers, was not in fact followed by them in certain places - so make sure you read the relevant RFCs before implementing security at web-server level. Wow..... What dont you know Nyna? Quote
Zero-Affect Posted May 25, 2008 Posted May 25, 2008 Re: Staff Password without sql's. (ANY VERSION) so basically it would be better than this password mod... Quote
iR00T Posted May 26, 2008 Posted May 26, 2008 Re: Staff Password without sql's. (ANY VERSION) yes possibly so why dont you post it........? :-D Quote
Guest Anonymous Posted May 26, 2008 Posted May 26, 2008 Re: Staff Password without sql's. (ANY VERSION) Wow..... What dont you know Nyna? In all fields lots, however I just don't know less than others ;) so basically it would be better than this password mod... Well yes, and no, It's IMO easier, but I have also pointed out that there some issues with. yes possibly so why dont you post it........? I did - weren't you paying attention Quote
Zero-Affect Posted May 26, 2008 Posted May 26, 2008 Re: Staff Password without sql's. (ANY VERSION) hey joker i got a idea mate, how about you code for a change? and learn to read before you post Quote
Delete ! Posted May 28, 2008 Posted May 28, 2008 Re: Staff Password without sql's. (ANY VERSION) Nice One Kyle =] Quote
mentaljason Posted June 22, 2008 Posted June 22, 2008 Re: Staff Password without sql's. (ANY VERSION) Thank you. i would like to ask. you can still fed people on their profile. where would you put that code on things like that to stop it? Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.