"Not too long ago," writes R.S., "a coworker left the company for greener pastures. His motto was Keep It Simple and, until now, I wasn't sure how simple he liked things."
"This is one of my favorite snippets of PHP code from his own, unique authentication process."
$password = $_POST['password'];
$sql = "Select username from USERS";
$q->query($sql);
while($q->next_record())
{
    $chumbawumba = $q->f("username");
}
if ($password == $chumbawumba)
{
    header("Location: index.php?session=".$session);
}
else
{
    $errorMsg = "Wrong Password. Please Try again!";
}
R.S. added, "the USERS table contained a single column ('username') and a single row." Simple indeed.
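A hardened counterpart to the snippet above, as an added example that is not R.S.'s or the coworker's code: it looks up the claimed account with a bound parameter, checks the password against a stored hash, and keeps the session in a cookie instead of the redirect URL. The `users` schema, the sample account and the function names `authenticate` and `beginSession` are assumptions made for illustration.

```php
<?php
declare(strict_types=1);
// Added example: schema, function names and the sample account are constructed.

/** Returns the user's id when the username/password pair is valid, else null. */
function authenticate(PDO $db, string $username, string $password): ?int
{
    static $dummyHash = null;
    $dummyHash ??= password_hash(bin2hex(random_bytes(16)), PASSWORD_DEFAULT);

    // Fetch only the claimed account, using a bound parameter.
    $stmt = $db->prepare('SELECT id, password_hash FROM users WHERE username = ?');
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // Always verify against some hash so unknown usernames cost about the same time.
    $valid = password_verify($password, $row ? $row['password_hash'] : $dummyHash);
    return ($row && $valid) ? (int) $row['id'] : null;
}

/** Ties the login to a cookie-only session; no session value goes in the URL. */
function beginSession(int $userId): void
{
    session_start([
        'use_only_cookies' => 1,
        'use_strict_mode'  => 1,
        'cookie_httponly'  => true,
        'cookie_secure'    => true,   // assumes the site is served over HTTPS
        'cookie_samesite'  => 'Lax',
    ]);
    session_regenerate_id(true);      // fresh ID at login, old one discarded
    $_SESSION['user_id'] = $userId;
}

// Constructed demo data in an in-memory SQLite database (needs pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE, password_hash TEXT)');
$db->prepare('INSERT INTO users (username, password_hash) VALUES (?, ?)')
   ->execute(['alice', password_hash('correct horse', PASSWORD_DEFAULT)]);

$user = $_POST['username'] ?? '';
$pass = $_POST['password'] ?? '';
if (is_string($user) && is_string($pass) && ($id = authenticate($db, $user, $pass)) !== null) {
    beginSession($id);
    header('Location: index.php');
    exit;
}
$errorMsg = 'Wrong username or password. Please try again!';
```

Pages behind the login would then check `$_SESSION['user_id']` on every request, so a bookmarked URL alone grants nothing.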
Not only is it simple, it is Easy To Use (TM). I so hate it when I have to log in to a site, navigate 20 clicks through some obscure trail, and when I finally get to my favorite page I can't bookmark it because next time the site forces me through all those convoluted steps again!
This site supports bookmarks! Just log in once and no revalidation next time! No wonder he got hired by another company, probably a bank or someone with lots of money to burn. On second thought, couldn't be a bank. They couldn't work out how to make a site usable if it was the last step between them and a Congressional bailout!
Perhaps the application never gained more than one user.
Plenty of room for growth!!