how do i protect mi page ????????????? :( - Printable Version +- CodeIgniter Forums (https://forum.codeigniter.com) +-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20) +--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23) +--- Thread: how do i protect mi page ????????????? :( (/showthread.php?tid=1961) |
how do i protect mi page ????????????? :( - El Forum - 07-08-2007 [eluser]Unknown[/eluser] when a make the login i do like this first i go for the page login where i put the user-name and password then i call the function Code: <? what can i do to stop this from happening? thanks for hear mi and keep the good work bey for now how do i protect mi page ????????????? :( - El Forum - 07-08-2007 [eluser]Phil Sturgeon[/eluser] Take a look at the hooks section of the user guide. how do i protect mi page ????????????? :( - El Forum - 07-08-2007 [eluser]imamiscool[/eluser] [quote author="ribeiro" date="1183941665"] $query = $this->db->query("SELECT * FROM `utilizador` WHERE `user`= '".$_POST['user']."' and pass = '".SHA1($_POST['pass'])."' and admin=1"); [/quote] Did you mean: $query = $this->db->query("SELECT * FROM `utilizador` WHERE `user`= '".$_POST['user']."' and pass = '".SHA1($_POST['pass'])."' WHERE admin=1"); ? USE: 'WHERE admin=1' NOT: 'AND admin=1' how do i protect mi page ????????????? :( - El Forum - 07-08-2007 [eluser]Rick Jolly[/eluser] [quote author="imamiscool" date="1183961112"] Did you mean: $query = $this->db->query("SELECT * FROM `utilizador` WHERE `user`= '".$_POST['user']."' and pass = '".SHA1($_POST['pass'])."' WHERE admin=1"); ? USE: 'WHERE admin=1' NOT: 'AND admin=1'[/quote] Nope, one "WHERE" is definitely enough imamiscool. However, Ribeiro should sql escape the posted data. Ribeiro, I'm having trouble understanding your question. What does this mean: Quote:if i click in the button return i go back to mi pageDo you mean the back button? Also, I don't see any code that inserts into your database: Quote:if i try to insert something int the database it will insert first and then goes back for the login page. how do i protect mi page ????????????? :( - El Forum - 07-09-2007 [eluser]imamiscool[/eluser] ups sorry forget about first 'WHERE' clause. did you 'redirect' your page ? |