Hi I am new to php and most other things, I am trying to make a form on my website to take users details for membership purposes. This data will be stored in a mysql database. What I have at the moment is a plain html form that posts the user input to a php script which then puts the data in the database. Is there a better way of doing this (could this proccess be done with a single php script) or am doing the right thing. Any suggestions and input would be greatly appreciated.
yeah its standard to have an HTML form posting data to a PHP processor page
If you are new to php and want to see an example of inserting/editing/deleting data in a mysql database and creating tables/databases then please send me a Personal Message from my profile page, and ill send you a link to a simple news management system i made. (the whole thing is under 15 pages of code, nicely formatted, no superflous stuff)
Last edited by jbennet; Dec 2nd, 2007 at 12:05 pm.
It's possible that the server is secure but someone can still exploit a bug in your code which could display user passwords. It's always better to be safe then sorry ^^
Read up on password sniffing. It's great if your server is secure, but if the user is on a LAN then it's still possible to get hacked.
Good rules for any database:
1.) Never pull a password out of the database. Once it is in, it stays there. You can look for it in the query, but don't pull it out.
2.) You should never know your users actual password. This means that every password is encrypted before it gets to the database. This will make it much more difficult for a sniffer to intercept it and successfully login.
No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.
Online 
Unsolved 
