dallbee's Profile User Rating: -----

Reputation: 4 Apprentice
Group:
New Members
Active Posts:
15 (0.02 per day)
Joined:
17-October 11
Profile Views:
1,784
Last Active:
User is offline Sep 17 2012 09:21 AM
Currently:
Offline

Previous Fields

Country:
US
OS Preference:
Linux
Favorite Browser:
Chrome
Favorite Processor:
Intel
Favorite Gaming Platform:
PC
Your Car:
Nissan
Dream Kudos:
0

Latest Visitors

Icon   dallbee hurmm.

Posts I've Made

  1. In Topic: Best secure way to create a login with PHP

    Posted 16 Sep 2012

    I've never seen a shared hosting webserver that doesn't give you access outside of your www directory. Typically you get your own folder, with a public_html or www inside of it.
  2. In Topic: How do I strip the keys out of an array and display the values in HTML

    Posted 15 Sep 2012

    Bit of hand-holding:
    <?php
    
    $dice_count = 5;
    $dice_sides = 6;
    $results = array();
    
    for($i = 0; $ < $dice_count; ++$i)
    {
        $results[$i] = rand(1, $dice_sides);
    }
    
    foreach($results as $key => $value)
    {
        echo "{$key}: {$value}, ";
    }
    
    // end of script
    
    
  3. In Topic: PHP Programmer Roll Call

    Posted 15 Sep 2012

    Hello, I'm Dylan.

    Current Projects:
    FanboyWar - Debate website. I'll have more information on this when we launch. http://fanboywar.com should be up within a week or so.
    Optivus ATS - I'm the project leader for developing an automated testing system for a proton therapy machine. Can't disclose any details, but we're using PHP and have extremely strict security requirements on the web application.

    I specialize in security, but I've got experience in every step of web application development.
    Unit testing and me don't get along very well. I usually have people that are working under me unit test my code, and its sort of a running competition for who can find a bug in my code.
  4. In Topic: Best secure way to create a login with PHP

    Posted 15 Sep 2012

    Quote

    whats to stop a person from just bypassing the login by guessing where the redirect goes to?

    The trick is to not actually put any of your php files into an http accessible folder.
    Say you have a www folder where all of your files can be seen by the web. This folder is located at something like /user/www/ . Inside of /user/www/, you can place an index.php which serves only to include files for authenticated users. The rest of your files are placed in /user/yourwebsite/

    Session Security:
    Encrypt your sessions with AES-256 and a 256 bit key.
    Lock sessions to an IP Address.
    Use SSL, but don't rely on it.
    Hash your passwords with either scrypt, bcrypt, or pbkdf2 (Ordered best to worst)
  5. In Topic: Connection efficiency

    Posted 15 Sep 2012

    Good question, and some good answers.

    Quote

    On most servers you will see little or no benefit from using them in any case, so you may as well stay clear of them unless they are needed.

    In my experience, using persistent connections has always been a significant optimization. The difference becomes greater as you reach higher loads.

    Quote

    There are many different ways to achieve this, but what I've found it simplest to use a Singleton class to manage the database connection

    Atli's advice here is sound. Try making a database class that is instantiated just once, and does its connection in its constructor. You'll find this is easy to implement and will clean up your code substantially.

    As far as speed goes, how large do you plan on this application being?

My Information

Member Title:
New D.I.C Head
Age:
22 years old
Birthday:
December 18, 1991
Gender:
Location:
Lake Arrowhead, California
Interests:
Physics, Digital Design, Programming, Snowboarding, Gaming
Full Name:
Dylan Allbee
Years Programming:
8
Programming Languages:
PHP, C++, ASM, Python, Verilog, LabVIEW, JS, C#

Contact Information

E-mail:
Private
AIM:
AIM  allb269
MSN:
MSN  dsallbee@hotmail.com
Website URL:
Website URL  http://dallbee.com/
Twitter:
dsallbee

Friends

dallbee hasn't added any friends yet.

Comments

dallbee has no profile comments yet. Why not say hello?