thoughts/suggestions on my personal site
<blockquote data-quote="griimnak" data-source="post: 354439" data-attributes="member: 35695">
<p><em>Please move this thread if it's in the wrong section </em><img src="/styles/default/xenforo/smilies/emojione/thumbsup.png" class="smilie" loading="lazy" alt=":up:" title="Thumbs Up :up:" data-shortname=":up:" /></p>
<p>Been working on my personal CMS for a while and I managed to finish some pretty unique features.</p>
<p><img src="http://i.imgur.com/z7jpAsG.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></p>
<p>Don't take that warning message so lightly, it actually means what it says.</p>
<p>Cross-site request forgery is often forgotten when developers write their code, so I made sure I'm protected against it.</p>
<p><img src="http://i.imgur.com/V82aJz4.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></p>
<p>There will be a hidden token generated every instance of the page load. If a request is made and this token is changed at all, it will stop the request and log the IP etc. into the database.</p>
<p><img src="http://i.imgur.com/8pjjXLp.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></p>
<p>Since this is an admin panel, I'm going to log failed login attempts as well.</p>
<p><img src="http://i.imgur.com/xYRHRJ2.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></p>
<p>The ability to ban certain IP addresses is also done.</p>
<p><img src="http://i.imgur.com/2sSYszI.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></p>
<p><img src="http://i.imgur.com/qraZ8og.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></p>
<p>Maintenance is also finished.</p>
<p><img src="http://i.imgur.com/jHgxSM4.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></p>
<p><img src="http://i.imgur.com/oADBgQO.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></p>
<p>I'm also using prepared statements to ensure I'm protected from SQL injections.</p>
<p>[PHP]// Placeholders keep user input out of the SQL text itself.</p>
<p> $query = Database::dbConnect()->prepare("SELECT username, password FROM gweb_users WHERE username=:username AND password=:password");</p>
<p> $query->bindParam(':username', $secure_user);</p>
<p> $query->bindParam(':password', $secure_pass);</p>
<p> $query->execute();</p>
<p> // A returned row means the credentials matched.</p>
<p> if($row = $query->fetch()){</p>
<p> $_SESSION['username'] = $row['username'];</p>
<p> header("Location: admin_dash");</p>
<p> exit; // stop the script so nothing else runs after the redirect</p>
<p> } [/PHP]</p>
<p>Thoughts? How can I make the design prettier (I suck at designing) and what other functions should I include? Cheers</p>
</blockquote>
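The per-page-load CSRF token with logging that the post describes, as an added example (not griimnak's code, which the thread does not show). The function names, the `csrf_token` field, the `csrf_log` table and the in-memory SQLite database are assumptions made for illustration, and the IP address is a constructed sample.

```php
<?php
declare(strict_types=1);

// Issue a fresh token for this page load and remember it server-side.
function csrf_issue(array &$session): string
{
    $session['csrf_token'] = bin2hex(random_bytes(32)); // 256 bits from the CSPRNG
    return $session['csrf_token'];
}

// Hidden form field carrying the token (field name is an assumption).
function csrf_field(array &$session): string
{
    $token = htmlspecialchars(csrf_issue($session), ENT_QUOTES, 'UTF-8');
    return '<input type="hidden" name="csrf_token" value="' . $token . '">';
}

// Validate a submitted token; on mismatch, log the client and refuse.
function csrf_check(array &$session, $submitted, PDO $db, string $ip): bool
{
    $expected = $session['csrf_token'] ?? '';
    unset($session['csrf_token']); // single use: each page load gets a new one

    // hash_equals() compares in constant time; both arguments must be strings.
    if ($expected !== '' && is_string($submitted) && hash_equals($expected, $submitted)) {
        return true;
    }
    // Hypothetical log table, written with a prepared statement.
    $stmt = $db->prepare('INSERT INTO csrf_log (ip, logged_at) VALUES (:ip, :ts)');
    $stmt->execute([':ip' => $ip, ':ts' => gmdate('c')]);
    return false;
}

// Constructed demo: in-memory SQLite stands in for the CMS database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE csrf_log (ip TEXT NOT NULL, logged_at TEXT NOT NULL)');

$session = [];                  // stand-in for $_SESSION
$token = csrf_issue($session);
var_dump(csrf_check($session, $token, $db, '203.0.113.7'));     // matching token
var_dump(csrf_check($session, $token, $db, '203.0.113.7'));     // replay of a consumed token

csrf_issue($session);
var_dump(csrf_check($session, 'tampered', $db, '203.0.113.7')); // altered token
var_dump((int) $db->query('SELECT COUNT(*) FROM csrf_log')->fetchColumn()); // rejected requests logged
```

Because the token is replaced on every page load, a form left open in a second tab will be rejected and logged once another page has been loaded in the same session, so the log will contain some benign entries.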