@KevinProndzinski1998 hi unintelligent person :)

Take care at the password thingy, it's hackable. :D

ahahahaah the way you say MySql

what would happend if i just type "\main.php" without loging :)

lol..never put directly POST variables to mysql query!! I can easily SQL inject this :)

hi what do you use for screen capture.?

you sound like you're 12. and your coding style looks like you're 9.

in short, not even your internet balls have dropped yet.

come back and make your tutorials when you've got the manhood to back them up.

@sharpnova2 Oh? And what tutorials do you have up on your site? That's if you even know PHP. Instead of moaning about his code, how about showing a bit of your wisdom (or lack thereof) and telling him the right way to do it?

@KDALove i don't have "tutorials up on my site" i am however capable of writing decent code. this code is just garbage. neglects security, extensibility, and a million other basic pardigms that define good coding practices.

you can't use php all by itself like this and make a robust or even usable application.

@sharpnova2 Then provide suggestions to him instead of PMSing about it.

@KDALove Why? I didn't come here to provide suggestions. If I did, I would have.

@sharpnova2 Okay...keep complaining then.

@KDALove *complains*

@sharpnova2 ,And you're the biggest f*ck on earth!

@softwarefreak89 well thank ya!

@sharpnova2 Wow. This comment was uncharacteristically nice. Were you in a good mood when you made it?

@laifalbert suck cocks in hell. your mother deserves to be raped by a pack of wild niggers.

and i hope she is.

@sharpnova2 That was uncharacteristically devoid of pretentious claims of superior intelligence; are you getting angry or just tired?

@laifalbert No.

it is interesting tutorial!!!!!!!!

but I cann't find your website plz can you tell me???????

can i find this code anywhere in the web so i copy-paste it?

not the best!!!!!!!!!!!

Every time I try to log in, I get an error.

Check out the forum tutorial using login and logout.

@SethiXzon

THE BIGGEST ERROR ON THE LAST

}

NO ; JUST }

@laserdragonnet I don't understand... what?

@SethiXzon

ON THIS PART THE CODE WAS WRONG

header ("Location: main.php");

} else {

header ("Location: incorrect.php");

} /* JUST HERE */

?>

@laserdragonnet I didn't add a ;

It still didn't work; It always directs to the error page.

5:30

Она рыгнула))...

:D

Awful code. User login should be kept in _SESSION and never in cookies. With this method, anybody could set a "username" cookie on their computer and log in to any account on your site.

Can you(keeganbakker) please send me link to your tutorials on PHP, please.

If you can(keeganbakker) not post your tuorials, then please be thankful to these "mysqual's" tutorials.

lol 1:04! oopsies!

Love your video. Youre impressively fast.

I cringe at your forms as well though!

Good video !

But your form isn't very XHTML valid :D

Anyway... Nice video ;)

:( lol this it doesnt insert it into the db lol o well the new ones better just trying this one xD

very helpful, thanks

how do you put it to your webiste????

localhost? whats that

if you have a webserver running on your own computer, to access it, you normally use localhost unless you have your own domain that points to your own box

it is your wamp on pc or mamp on mac. That is were we set up the data base.

lamp on linux!

5 stars ans subscribed .... nice job

sick but where i get the sql database from please pm me on youtube telling me a good hosting website that supports sql and php please send me the link for that or the host your useing thanks

wamp for windows does that im sure

its like they're missing quotes.

test

Nice tutorial. I just made my first php video tutorial and uploaded it here to youtube and found that it's much hard than it appears making the actual tutorial and explaining, etc.. Think I redid it 20 times...lol

A commendable beginners tutorial, but please don't use this script on a public website. It can be exploited very easily with a simple sql injection attack. Google sql injection for more information.

5 stars and subscribed!

wow your voice rlly changed

do you have any web pages currently on line, that you have programmed?

didn't know michael jackson knew php

Ey men!

Las cookies no son seguras!

Cualquiera puede saltarselas (Pues la cookies se guardan en el equipo del usuario)

Es recomendable que uses Sesiones que se almacenan en el servidor:

ok? lol

you have ugly voice :o)

Im luving it, keep up the good work.

what did your friend ever do to you, lol

phone ringing? lol

you shouldn't put username and passwiord in cookies, and mysql is a good idea but shouldn't you use that for user and registration

I changed something on the html_output.php file and now i cant flog into the admin console, it just refreshes when i try.

Any ideas how i can fix this ?

This is sooooo usecure, you MUST NOT put an username or id in a cookie! And it is also NOT Encoded, you should Shame yourself!!

yeah. i also thought it was the cookies that it is in the kitchen

I thought it was the edible cookies. O.O

lmao nope

great thanks!

heard music in the background lol nice vid

I guess that was pretty cool.

I really enjoyed you php training. You sound young and so bright! I can not find a link to your web site for the code. Thanks for you help, great work!

Good work kid. Really helped me.

Awesome, thanks

good luck. you're only watching one of my oldest tutorials.

you should explain what the functions does.

Hey, I'm about your age and just watched your video. You really need to introduce some kind of sanitation of user input as your current script is at risk of hackers and scriptkiddies(tm).

If you need help implementing this just give me a shout.

Ross

--------------------

4 Years PHP/MySQL/Linux experience including application development and dns management

Also, I would advise everyone thats new to PHP to secure their forms from SQL Injections and etc..

How you can secure form from sql Injections? i am new to php so i really don't know how to secure form from sql injectins.

mysql_real_escape_string($user­), mysql_real_escape_string($pass­word)

additionally you would want to clean the user input allowing only A-Z 0-9 characters. you can do that with preg_replace() or a regular expression function.

also i want to say screw addslashes and magic quotes. woot woot PHP 6.0

I just like to say dont give up teaching people how to code. Your code might not be the best or amazing but I prefer videos to writen tutuorials and been dyslexic I prefer people to go through stuff like this its a lot better then nothing. Not many show you how to code in php live and its just good to get run through it rather then staring at theory or geting an full example and trying to work out what is what. Dont give up doing your videos there really helpful!

Thanks :) A lot of my newer tutorials provide a more excellent source and better quality.

test

Pretty good, but it's pronounced "sequel", not "squal", lol. Squal sounds like the noise a bird makes, haha

its not sequel - ITS  pronounced eS Qu eL

or sequal, according to wiki.

never the less marcus said a few times, that he knows how to pronouce it in the correct way, so why take you care about such stupid thing?

who cares how he pronounces it, as long as he types it correctly

Just a note: you didn't select username from the database, so $id['username'] would be empty (you only selected id from the table, so only $id['id']).

Im luving it, keep up the good work.

Thanks :D

I might actually try this one day, when I have time. I didn't code PHP for a while now, gonna pick it up again.

I'm wondering if this is well secured? Like, is it easy hackable by other peoples?

U keep saying OK

Ok :D

ok now that i understand logging in! how are you suppose to make a profile for the users like the youtube channel that each user has! anybody know just reply or message me if u like! thanks!

i cant goto cs-blog(dot)net

I know. I shut that site down like 2 yrs ago.

lmao ok :)

Good video, though you might wanna explain your code while you are writing (typing) it instead of just reading it. Also, it would have been nice to run it locally. Keep up the good work.

Thanks :D

smart kid lol

thanks :D

Great Job - Thanks -

Fo sho.

it is workingnow..

what do i need to include on my index.php

to make sure ppl dunt go there directly

without loggin in

Just check if the cookie exists.

your voice doesn't sound as girly anymore

ok.

i downloaded the script off your home page..

it aint working

keeps saying wrong password

$sql = "SELECT * FROM `user` WHERE `username`='$_POST['username'] AND `password`='$_POST['password']­"; Like: $_POST['username'] = "' OR 1=1 --"; //1 is always true, and when you type -- it ignore the rest of the query. That makes password not importent. It will get a query like this: SELECT * FROM `user` WHERE `username`='n00b' or 1=1 -- So always true. Use: 1. Hashes 2. Mysql_real_escape_string 3. Better query's 4. Check post variable 5. Go to learn PHP and MySQL

OR OR.

Added: 1 year ago.

You'd expect me to learn more. I'm not fucking retarded, I may have been at that time.

sorry but i didnt work for me

nice work buddy, pretty clear, except what u demonstrate at the end is a bit different than what u were coding(ie not just form). maybe should have just showed the simple form that would have been produced.

anyhow good work keep it up.

Thanks :D

how do you use XAMPP??????

stupid.............

XAMPP is a load of crap i downloaded it and it wont install anything

how do i find out my local host?

Google: XAMPP

127.0.0.1

local host is you computer

the word "local" explains everything

neoblob[dot]com/phpsquad

thank you

your Tutorials are help me a lot , thank you

No problem, glad they helped :D

how do you get the mysql address?

It should just be localhost, if not [and you're using cPanel] go into your mySQL section of it, scroll down until you find host.

how do you get localhost?

Google: XAMPP

And i copyed it from you site.

yea mine saus the same exact thing plus i got it from your site what is suppost to happen once u click login

Nice tutorial. But! when im login in it says:

Parse error: syntax error, unexpected T_STRING in C:\xampp\htdocs\TGS\do_login.p­hp on line 17

Why?

Make sure you ended all the quotes.

Now it stands:

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in C:\xampp\htdocs\TGS\do_login.p­hp on line 11

Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\TGS\do_login.p­hp:11) in C:\xampp\htdocs\TGS\do_login.p­hp on line 24

:S

Nice tutorial, but your website you tested it on is down. :P It looks cool. :P

oh my, i took that site down a while ago

nice tutorial

Thanks :D

Hey love your tutorials, i know most of the stuff in them already but still interesting to watch, keep it up.

Just to let you know if you creating a login script in the query for selecting the user information from the database, You should only use WHERE username=$_POST['username] and end it there! and then match the passwords later on in the script! To easy to inject a script that selects both the username and password.

Just helpfull tip! keep up the good work!

Andy

hey a have a question, if u don't mine, how old r u?

Lol, 14.

He don't know anything,

1) If he knew it then he would't be using another window with the code on it...

Nor will he be calling MyS.Q.L how he was as thats how lamers say it.

FYI: You need to use quotes, etc including ' ; ' inwhich he did't use on the variables...

Thank you and goodbye :D

Dude do you know English???

Yes, but you don't do you?

If you really did then you would have understood what I said...

Think before you try and act like a smart ass, is this person your love or something if that were true then "Lame Gaymer"...

Bye Bye

you're complaining on how he pronounces MYSQL and judging his knowledge by that? lolz, oookaaaay.

All you guys are commenting on making a better tutorial, if your so good why dont you create them yourselves and

teach those who want to learn, the right way. Instead of complaining. spread the knowledge the right way.

Thanks

No problem! Sorry, in the US :P

You guys don't take what you learn or hear from comments on YouTube too seriously. I'm a professional PHP freelancer and can tell you confidently that yes, there are hundreds of ways to "hack" this script. Learn more before settling with this script. One huge thing I must mention is that logins should not be kept in cookies. The user, if he knows what he is doing can really play around with your cookies.

// HTML-Part

1. Write proper HTML-Code with Doctype-Definition etc.

2. Close all Tags

3. Write wheather HTML or XHTML but one of both in the correct way

I really hope no guys are using this script!

I don't say you aren't able to develop webapplications but if you teach others in doing that use a proper style and a secure way...

// PHP-Part

1. Write proper PHP style

2. Don't use POST-Variables in a MySQL-Query without escaping them (e.g. mysql_escape_string();)

3. Don't use cookies to check the login

4. Don't teach that Cookies are a secure way to protect a site

5. I can hack this little script within a minute

Call it with

username="test';TRUNCAT TABLE `user`;

and all is deleted!

Hey guy!

Learn to Code propper PHP.

I can hack your system in a few Minutes.

Using POST-Variables without escaping than is dangerous!

If you send a POST-Call to the Page with username= a',TRUNCAT TABLE `user`" all users will be deleted

A second mistake is that cookies really aren't secure enough!

I really hope that no guys use this script...

I'm sorry for my bad english, i'm german

I don't say you aren't able to develop but if you make tutorials you should think about what you teach!

your code is tottaly messed up, learn HTML and PHP properly before u start trying to teach others

For all i know you could be more experienced. I've only known PHP for like 7 months, and this was at like my two month stage, so whatever.

still man, you have to end the HTML tags.

writing a table without closing the table date tag makes it tottaly messed up, and the code is not safe at all.. still a good tutorial, some mistakes in your code, but descent for only 7monthes, but start learning html first, then go ahead doing the php.

I don't follow DOCTYPEs. So in my case, I think it's fine. But still, remember the month :)

Do you think that seven months are much?

For your own using this code is maybe ok...

but if you want to teach others you must be better than this.

Ever for seven months this code is miserable, sorry!

Ok, well I don't care much about your criticism. I made this back in October. Did it look like I was experienced? No. And you couldn't even fucking SQL Inject it without spelling TRUNCATE correct. So whether you think I'm bad at PHP/HTML or you just can't spell because you're German.

The things i've wrote were only a few thinks....

I don't think you're bad in PHP/HTML & Co but i think if you want to teach other people, having no skills, you should do better work, without mistakes and in a good style.

The fact that i wrote TURNCATE wrong doesn't really matter, but fact is that you can hack the whole system very simply!

When teaching others in programming applications do better work than this an be a paragon in your doing!

why dont you create tutorials in php programming? you sould like you know more and would be better professional ooriented

good start, but to be a true tutorial, you need to explain why you do what you do.

Yes, I should have.

Yeah man. You're good especially for your age. Now that you have a tutorial on registration and logging in, it would be good to see one for authentication next. Also, tables are almost unused. Try using divs to design your tables instead. Good job man. Don't stop.

Thank you so much my friend, I'm 19 and familiar with programming but this helps A TON. You are a savior.

Where do I signup for your weekly videos?

kazisdaman2 at hotmail dot com

sign me up!

Haha, thanks! Just hit subscribe!

good job!

Thanks!

Do you know the PHP examination?

I fell five times. --;

it really helped but the text was to small for me to see.

Nice stuff man u have helped me alot iam not very good heh iam getting there

Thanks for your video tutorials!! I'm trying to set up a fairly simply PHP membership signup and login script, but have no idea where to start, even tho I've been designing websites for years ... I'm totally new to PHP and tho it's available on the web host I don't know how to use it, set up permissions, etc., etc.

Suggestion: could you number your videos so there's a starting point? I feel I dropped in on the middle of a party that's halfway over.

Thanks!

Hehe, I'll start doing that! Thanks for the comment!

great...

nice work btw, really nice tutorials :)

but your attitude not to close td and tr tags drives me crazy :D

lol, thanks, yeah, I am not that strict on ending tags

login session would be nice :>