Hey guys,I got a couple of probs with this. One them is that this is an old tutorial. Plus, the tutorial doesn't teach one how to make the best membership script. While it is okay, it lacks quite a bit. A few of the things include optimizations, security and implementation.It might be okay for newcomers like the first commenter posted.Have a good one,Christopher
It kills me when all you self-professed security experts "slap your foreheads" over the "gaping holes" in beginner tutorials. Get a freaking life losers. Either that or flame it up on /.
Wow, took three years to hit digg. I read this tut like way back when I started php. I'm ashamed that digg is resorting to old tutorials. Now, what would be good if someone posted a tutorial for an oop based user login system with full anti-hacking checks ect.
Maybe it's just me, but instead of all the "this tutorial isn't that great" comments, does anyone knows of a good tutorial? One that does take into account XSS, etc and explain how they are protecting against it. It seems to me that kind of tutorial would be really, really useful, especially so we don't have another generation of web programmers creating these very insecure sites.
there we go, that one should be a bit betteri didn't have a chance to go through all of it, but just looking at the first page, the advanced features it covers gives me some indication that the basics should be presented properly as well.i've seen other quality tutorials on evolt.org as well.
I know this comment will get dugg down, but I don't see why everyone loves AJAX so much... cross-browser compatibility is a big issue and you could just as easily use a header() function with GET data attached to validate forms and add comments.
Username validation can be a GOOD thing and a BAD thing in Ajax.It's good for when the user doesn't have to go back to the page and change their username after they entered nearly everything.It's BAD in that somebody can abuse the page or possibly the underlying Ajax backend to query for existing user names. This can expose account names easily to bots to try and get passwords for, or possibly easily expose anonymous users. Same thing could be said about a "Check if my name is available" form though.However, USUALLY this is not something to worry about.
Closed AccountJun 22, 2006
script kiddie: n. anybody ignorant enough to need an explanation
mannapcJun 22, 2006
Hey guys,I got a couple of probs with this. One them is that this is an old tutorial. Plus, the tutorial doesn't teach one how to make the best membership script. While it is okay, it lacks quite a bit. A few of the things include optimizations, security and implementation.It might be okay for newcomers like the first commenter posted.Have a good one,Christopher
superjordoJun 22, 2006
It kills me when all you self-professed security experts "slap your foreheads" over the "gaping holes" in beginner tutorials. Get a freaking life losers. Either that or flame it up on /.
superjordoJun 22, 2006
*holds you and your opinions in complete disrespect*
maldonJun 22, 2006
Wow, took three years to hit digg. I read this tut like way back when I started php. I'm ashamed that digg is resorting to old tutorials. Now, what would be good if someone posted a tutorial for an oop based user login system with full anti-hacking checks ect.
megaversalJun 22, 2006
Maybe it's just me, but instead of all the "this tutorial isn't that great" comments, does anyone knows of a good tutorial? One that does take into account XSS, etc and explain how they are protecting against it. It seems to me that kind of tutorial would be really, really useful, especially so we don't have another generation of web programmers creating these very insecure sites.
maseoneJun 22, 2006
there we go, that one should be a bit betteri didn't have a chance to go through all of it, but just looking at the first page, the advanced features it covers gives me some indication that the basics should be presented properly as well.i've seen other quality tutorials on evolt.org as well.
xmikeyJun 22, 2006
I like this membership system better, it has a lot more features.<a class="user" href="http://techtuts.com/?view=tutorials&act=cat&id=11">http://techtuts.com/?view=tutorials&act=cat&id=11</a> (Scroll down to bottom for membership system base)
phpfreakJun 24, 2006
I know this comment will get dugg down, but I don't see why everyone loves AJAX so much... cross-browser compatibility is a big issue and you could just as easily use a header() function with GET data attached to validate forms and add comments.
jouvaJun 28, 2006
Username validation can be a GOOD thing and a BAD thing in Ajax.It's good for when the user doesn't have to go back to the page and change their username after they entered nearly everything.It's BAD in that somebody can abuse the page or possibly the underlying Ajax backend to query for existing user names. This can expose account names easily to bots to try and get passwords for, or possibly easily expose anonymous users. Same thing could be said about a "Check if my name is available" form though.However, USUALLY this is not something to worry about.
huhnteufelJul 19, 2006
That's a gold mine of tutorials. Thanks! :)