[Stones]

Quote:

Originally Posted by bigtigerbeee mean UCP ?

Yeah, I think so.

Quote:

Originally Posted by jokerm please help me ,i dont know how to connect web and server

First of all, get you're own forum / website, make your own or use a template.

Here's some example of ' some ' code you could use to make a UCP.

Код:

<?php
$con = mysql_connect("localhost","Stones","*********");
mysql_select_db("Stones");
?>

Код:

<?php
include("connect.php");
session_start();
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }
  if(isset($_SESSION["Username"]))
  {
    $user = $_SESSION["Username"];
    $pass = $_SESSION["Password"];
  }
  else
  {
    $user = $_POST["User"]; 
    $pass = $_POST["Password"];
    $_SESSION['Username'] = $user;
    $_SESSION['Password'] = $pass;
    $escuser = mysql_real_escape_string($user);
    $escpass = mysql_real_escape_string($pass);
  }
  $query = "SELECT * FROM users WHERE pUsername = '$escuser'";
  $result = mysql_query($query);
  $username_exist = mysql_num_rows($result);
  if($username_exist == 0)
  {
    echo 'That profile does not exist! <br />';
    echo '<a href="index.php">Idi nazad</a>';
    unset($_SESSION['Username']);
    unset($_SESSION['Password']);
    die;
  }  
  $row = mysql_fetch_row($result);
  if($row[2] !== $escpass)
  {
    echo 'Password is not valid!  <br />';
    echo '<a href="index.php">Idi nazad</a>';
    unset($_SESSION['Username']);
    unset($_SESSION['Password']);
    die;
  }

Use this as an example to escape forms.

PHP код:

function sanitizeString($var){ 
$var = stripslashes($var); 
$var = htmlentities($var); 
$var = strip_tags($var); 
return $var; 
} 


Use this as an example to escape strings.

PHP код:

function sanitizeSQL($var){ 
$var = mysql_real_escape_string($var); 
$var = sanitizeString($var); 
return $var; 
} 


This part is taken from elsewhere but if you want have extra security on your passwords.

PHP код:

$Salt1 = "#$@#%#$!@$@#1234223233"; 
$Salt2 = "#*$(#@$&AJDSU#341224334"; 
$Hash = md5("$Salt1$password$Salt2");