Tuesday 9 April 2019
Hard-coded credentials in php file prevent static files loading
Answer
Answer
For the sake of learning no-framework php from scratch, I wrote an admin.php file which have the following code:
$not_auth_msg = "Not Authorized
";
if($_GET['username'] == "admin") {
$pass = md5($_GET['password']);
if($pass != "21232f297a57a5a743894a0e4a801fc3") {
exit($not_auth_msg);
}
} else {
exit($not_auth_msg);
}
?>
..
..
..
Authorization works OK, but php 5.4's built in server replies "PHP Notice: Undefined index: username in ..." for each static file (bootstrap, jquery etc.), and the worse thing - the static files do not load!
What am I doing wrong?
Answer
Change the if with
if(isset($_GET['username']) && $_GET['username'] == "admin") {
...
}
That will solve your problem. When your not providing username
that key is not set in $_GET
and error notification if your php.ini
file must be ALL
i.e. notifications will be displayed/rendered.
Subscribe to:
Post Comments (Atom)
php - file_get_contents shows unexpected output while reading a file
I want to output an inline jpg image as a base64 encoded string, however when I do this : $contents = file_get_contents($filename); print &q...
-
I have an app which needs a login and a registration with SQLite. I have the database and a user can login and register. But i would like th...
-
I would like to use enhanced REP MOVSB (ERMSB) to get a high bandwidth for a custom memcpy . ERMSB was introduced with the Ivy Bridge micro...
-
According to my understanding, and my calculator, cos(90 degrees) equals 0 . In my code, I have a funct...
No comments:
Post a Comment