Menu
Forums
All threads
Latest threads
New posts
Trending threads
New posts
Search forums
Trending
What's new
New posts
New profile posts
Latest activity
Members
Current visitors
New profile posts
Search profile posts
Upgrades
Log in
Register
What's new
Search
Search
Search titles only
By:
All threads
Latest threads
New posts
Trending threads
New posts
Search forums
Menu
Log in
Register
Navigation
Install the app
Install
More options
Contact us
Close Menu
Forums
Server Development
Habbo Retros
Habbo Q&A
PHP Bcrypt Hashing and Verifying Passwords.
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="Damien" data-source="post: 415765" data-attributes="member: 72299"><p>1) Double authentication stops users from accessing housekeeping after they've been fired/demoted. They'll retain their rank till the session ends, this way it provided an extra layer of protection before they can access the ASE. One way to solve this is to do a rank check when the user hits the ASE, then the login wouldn't be needed.</p><p></p><p>2) There is nothing wrong with his queries. Whilst my_sql is deprecated, it can still be used safely and securely.. like he's doing. He's filtering the information before it gets used in the query, so people wont be able exploit it.</p><p></p><p>[CODE]</p><p>public function password($data)</p><p>{</p><p> if($data == NULL)</p><p> {</p><p> return $this->error_Handler('Validate Data','The given data could not be validated.');</p><p> }</p><p> else</p><p> {</p><p> return password_hash($data, PASSWORD_BCRYPT, array('cost' => 12));</p><p> }</p><p>}</p><p>[/CODE]</p></blockquote><p></p>
[QUOTE="Damien, post: 415765, member: 72299"] 1) Double authentication stops users from accessing housekeeping after they've been fired/demoted. They'll retain their rank till the session ends, this way it provided an extra layer of protection before they can access the ASE. One way to solve this is to do a rank check when the user hits the ASE, then the login wouldn't be needed. 2) There is nothing wrong with his queries. Whilst my_sql is deprecated, it can still be used safely and securely.. like he's doing. He's filtering the information before it gets used in the query, so people wont be able exploit it. [CODE] public function password($data) { if($data == NULL) { return $this->error_Handler('Validate Data','The given data could not be validated.'); } else { return password_hash($data, PASSWORD_BCRYPT, array('cost' => 12)); } } [/CODE] [/QUOTE]
Insert quotes…
Verification
Post reply
Forums
Server Development
Habbo Retros
Habbo Q&A
PHP Bcrypt Hashing and Verifying Passwords.
Top