Afternoon people, I urgently need someone to look at my code below and tell my why: 1. The wrong credentials allow one access. 2. Only the dealers page is opening even after selecting user or admin portals. Looking forward to helpful feedback thanks. *THE CODE:* <?php $portal=$_POST['portal']; $u_id=$_POST['uname']; $pwd=$_POST['upass']; //my sql part $host="localhost"; $dbuser="root"; $dbpass=""; //connect to the database $conn= mysql_connect($host,$dbuser,$dbpass) or exit("Connection Error".mysql_error()); mysql_select_db('cars') or exit("Database not found"); //The Query $strSQL= "SELECT `u_name` from `users` where `u_name` = '.$u_id.' and `pass` = '.$pwd.' and `type` = '.$portal.'"; $result=mysql_query($strSQL, $conn) or exit("sql Error:".mysql_error()); //logic test $numrows=mysql_num_rows($result); //error below here if($numrows=1){ /*echo "success"; echo "Name:".$u_id."</br>";*/ //user access if ($portal="user"){ header("Location:upload.html"); } else{ echo "login error"; return false; } //dealer access even with wrong credentials this is opened if ($portal="dealer"){ header ("Location:select.html"); } //administrator access elseif ($portal="admin"){ header ("Location : login.html"); } } else{ echo" Login Failed"; echo "</br><a href='#' onclick='window.history.back();'>Click Here</a>"; } ?>
How do you assign username an id?? On Wed, Apr 24, 2013 at 2:40 PM, Andrew Nduati <nduatiandrew@gmail.com>wrote:
Afternoon people, I urgently need someone to look at my code below and tell my why: 1. The wrong credentials allow one access. 2. Only the dealers page is opening even after selecting user or admin portals. Looking forward to helpful feedback thanks. *THE CODE:* <?php $portal=$_POST['portal']; $u_id=$_POST['uname']; $pwd=$_POST['upass']; //my sql part $host="localhost"; $dbuser="root"; $dbpass=""; //connect to the database $conn= mysql_connect($host,$dbuser,$dbpass) or exit("Connection Error".mysql_error()); mysql_select_db('cars') or exit("Database not found"); //The Query $strSQL= "SELECT `u_name` from `users` where `u_name` = '.$u_id.' and `pass` = '.$pwd.' and `type` = '.$portal.'"; $result=mysql_query($strSQL, $conn) or exit("sql Error:".mysql_error()); //logic test $numrows=mysql_num_rows($result); //error below here if($numrows=1){ /*echo "success"; echo "Name:".$u_id."</br>";*/ //user access if ($portal="user"){ header("Location:upload.html"); } else{ echo "login error"; return false; } //dealer access even with wrong credentials this is opened if ($portal="dealer"){ header ("Location:select.html"); } //administrator access elseif ($portal="admin"){ header ("Location : login.html"); } } else{ echo" Login Failed"; echo "</br><a href='#' onclick='window.history.back();'>Click Here</a>"; } ?>
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards, Yegon Victor | Web Specialist/Internet Consultant |
I suspect it's line 18 where you state thus: *if($numrows=1){* * * I reckon you wanted to say: *if($numrows == 1){* On Wed, Apr 24, 2013 at 2:46 PM, Victor Yegon <viktayeg@gmail.com> wrote:
How do you assign username an id??
On Wed, Apr 24, 2013 at 2:40 PM, Andrew Nduati <nduatiandrew@gmail.com>wrote:
Afternoon people, I urgently need someone to look at my code below and tell my why: 1. The wrong credentials allow one access. 2. Only the dealers page is opening even after selecting user or admin portals. Looking forward to helpful feedback thanks. *THE CODE:* <?php $portal=$_POST['portal']; $u_id=$_POST['uname']; $pwd=$_POST['upass']; //my sql part $host="localhost"; $dbuser="root"; $dbpass=""; //connect to the database $conn= mysql_connect($host,$dbuser,$dbpass) or exit("Connection Error".mysql_error()); mysql_select_db('cars') or exit("Database not found"); //The Query $strSQL= "SELECT `u_name` from `users` where `u_name` = '.$u_id.' and `pass` = '.$pwd.' and `type` = '.$portal.'"; $result=mysql_query($strSQL, $conn) or exit("sql Error:".mysql_error()); //logic test $numrows=mysql_num_rows($result); //error below here if($numrows=1){ /*echo "success"; echo "Name:".$u_id."</br>";*/ //user access if ($portal="user"){ header("Location:upload.html"); } else{ echo "login error"; return false; } //dealer access even with wrong credentials this is opened if ($portal="dealer"){ header ("Location:select.html"); } //administrator access elseif ($portal="admin"){ header ("Location : login.html"); } } else{ echo" Login Failed"; echo "</br><a href='#' onclick='window.history.back();'>Click Here</a>"; } ?>
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards,
Yegon Victor | Web Specialist/Internet Consultant |
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards, Peter Karunyu -------------------
True Peter. Also the other parts where you are doing comparison and not assignment. On Wed, Apr 24, 2013 at 2:56 PM, Peter Karunyu <pkarunyu@gmail.com> wrote:
I suspect it's line 18 where you state thus:
*if($numrows=1){* * * I reckon you wanted to say:
*if($numrows == 1){*
On Wed, Apr 24, 2013 at 2:46 PM, Victor Yegon <viktayeg@gmail.com> wrote:
How do you assign username an id??
On Wed, Apr 24, 2013 at 2:40 PM, Andrew Nduati <nduatiandrew@gmail.com>wrote:
Afternoon people, I urgently need someone to look at my code below and tell my why: 1. The wrong credentials allow one access. 2. Only the dealers page is opening even after selecting user or admin portals. Looking forward to helpful feedback thanks. *THE CODE:* <?php $portal=$_POST['portal']; $u_id=$_POST['uname']; $pwd=$_POST['upass']; //my sql part $host="localhost"; $dbuser="root"; $dbpass=""; //connect to the database $conn= mysql_connect($host,$dbuser,$dbpass) or exit("Connection Error".mysql_error()); mysql_select_db('cars') or exit("Database not found"); //The Query $strSQL= "SELECT `u_name` from `users` where `u_name` = '.$u_id.' and `pass` = '.$pwd.' and `type` = '.$portal.'"; $result=mysql_query($strSQL, $conn) or exit("sql Error:".mysql_error()); //logic test $numrows=mysql_num_rows($result); //error below here if($numrows=1){ /*echo "success"; echo "Name:".$u_id."</br>";*/ //user access if ($portal="user"){ header("Location:upload.html"); } else{ echo "login error"; return false; } //dealer access even with wrong credentials this is opened if ($portal="dealer"){ header ("Location:select.html"); } //administrator access elseif ($portal="admin"){ header ("Location : login.html"); } } else{ echo" Login Failed"; echo "</br><a href='#' onclick='window.history.back();'>Click Here</a>"; } ?>
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards,
Yegon Victor | Web Specialist/Internet Consultant |
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards, Peter Karunyu -------------------
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
try this ----------------------------------------------------------------- <?php $portal=$_POST['portal']; $u_id=$_POST['uname']; $pwd=$_POST['upass']; //my sql part $host="localhost"; $dbuser="root"; $dbpass=""; //connect to the database $conn= mysql_connect($host,$dbuser,$dbpass) or exit("Connection Error".mysql_error()); mysql_select_db('cars') or exit("Database not found"); //The Query $strSQL= "SELECT `u_name` from `users` where `u_name` = '.$u_id.' and `pass` = '.$pwd.' and `type` = '.$portal.'"; $result=mysql_query($strSQL, $conn) or exit("sql Error:".mysql_error()); //logic test $numrows=mysql_num_rows($result); //error below here if($numrows=1) { /*echo "success"; echo "Name:".$u_id."</br>";*/ //user access if ($portal="user") { header("Location:upload.html"); } //dealer access even with wrong credentials this is opened elseif ($portal="dealer") { header ("Location:select.html"); } //administrator access elseif ($portal="admin") { header ("Location : login.html"); } else { echo "login error"; return false; } } else { echo" Login Failed"; echo "</br><a href='#' onclick='window.history.back();'>Click Here</a>"; } ?> ------------------------------------------------------- On Wed, Apr 24, 2013 at 2:59 PM, Kennedy Kairu Kariuki <kkairu@gmail.com>wrote:
True Peter. Also the other parts where you are doing comparison and not assignment.
On Wed, Apr 24, 2013 at 2:56 PM, Peter Karunyu <pkarunyu@gmail.com> wrote:
I suspect it's line 18 where you state thus:
*if($numrows=1){* * * I reckon you wanted to say:
*if($numrows == 1){*
On Wed, Apr 24, 2013 at 2:46 PM, Victor Yegon <viktayeg@gmail.com> wrote:
How do you assign username an id??
On Wed, Apr 24, 2013 at 2:40 PM, Andrew Nduati <nduatiandrew@gmail.com>wrote:
Afternoon people, I urgently need someone to look at my code below and tell my why: 1. The wrong credentials allow one access. 2. Only the dealers page is opening even after selecting user or admin portals. Looking forward to helpful feedback thanks. *THE CODE:* <?php $portal=$_POST['portal']; $u_id=$_POST['uname']; $pwd=$_POST['upass']; //my sql part $host="localhost"; $dbuser="root"; $dbpass=""; //connect to the database $conn= mysql_connect($host,$dbuser,$dbpass) or exit("Connection Error".mysql_error()); mysql_select_db('cars') or exit("Database not found"); //The Query $strSQL= "SELECT `u_name` from `users` where `u_name` = '.$u_id.' and `pass` = '.$pwd.' and `type` = '.$portal.'"; $result=mysql_query($strSQL, $conn) or exit("sql Error:".mysql_error()); //logic test $numrows=mysql_num_rows($result); //error below here if($numrows=1){ /*echo "success"; echo "Name:".$u_id."</br>";*/ //user access if ($portal="user"){ header("Location:upload.html"); } else{ echo "login error"; return false; } //dealer access even with wrong credentials this is opened if ($portal="dealer"){ header ("Location:select.html"); } //administrator access elseif ($portal="admin"){ header ("Location : login.html"); } } else{ echo" Login Failed"; echo "</br><a href='#' onclick='window.history.back();'>Click Here</a>"; } ?>
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards,
Yegon Victor | Web Specialist/Internet Consultant |
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards, Peter Karunyu -------------------
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards, Zack K. Githinji Technical Officer, Cell:+254 722 649199 E-mail:zachgithinji@gmail.com "God grant me the serenity to accept the things I cannot change, the courage to change the things I can, and the wisdom to know the difference."
Insecure coding will grant anyone access as input is not escaped. On Wed, Apr 24, 2013 at 3:00 PM, Zack Githinji <zachgithinji@gmail.com>wrote:
try this -----------------------------------------------------------------
<?php $portal=$_POST['portal']; $u_id=$_POST['uname']; $pwd=$_POST['upass']; //my sql part $host="localhost"; $dbuser="root"; $dbpass=""; //connect to the database $conn= mysql_connect($host,$dbuser,$dbpass) or exit("Connection Error".mysql_error()); mysql_select_db('cars') or exit("Database not found"); //The Query $strSQL= "SELECT `u_name` from `users` where `u_name` = '.$u_id.' and `pass` = '.$pwd.' and `type` = '.$portal.'"; $result=mysql_query($strSQL, $conn) or exit("sql Error:".mysql_error()); //logic test $numrows=mysql_num_rows($result); //error below here if($numrows=1) { /*echo "success"; echo "Name:".$u_id."</br>";*/ //user access if ($portal="user") { header("Location:upload.html"); } //dealer access even with wrong credentials this is opened elseif ($portal="dealer")
{ header ("Location:select.html"); } //administrator access elseif ($portal="admin") { header ("Location : login.html"); } else { echo "login error"; return false;
} } else { echo" Login Failed"; echo "</br><a href='#' onclick='window.history.back();'>Click Here</a>"; } ?> -------------------------------------------------------
On Wed, Apr 24, 2013 at 2:59 PM, Kennedy Kairu Kariuki <kkairu@gmail.com>wrote:
True Peter. Also the other parts where you are doing comparison and not assignment.
On Wed, Apr 24, 2013 at 2:56 PM, Peter Karunyu <pkarunyu@gmail.com>wrote:
I suspect it's line 18 where you state thus:
*if($numrows=1){* * * I reckon you wanted to say:
*if($numrows == 1){*
On Wed, Apr 24, 2013 at 2:46 PM, Victor Yegon <viktayeg@gmail.com>wrote:
How do you assign username an id??
On Wed, Apr 24, 2013 at 2:40 PM, Andrew Nduati <nduatiandrew@gmail.com>wrote:
Afternoon people, I urgently need someone to look at my code below and tell my why: 1. The wrong credentials allow one access. 2. Only the dealers page is opening even after selecting user or admin portals. Looking forward to helpful feedback thanks. *THE CODE:* <?php $portal=$_POST['portal']; $u_id=$_POST['uname']; $pwd=$_POST['upass']; //my sql part $host="localhost"; $dbuser="root"; $dbpass=""; //connect to the database $conn= mysql_connect($host,$dbuser,$dbpass) or exit("Connection Error".mysql_error()); mysql_select_db('cars') or exit("Database not found"); //The Query $strSQL= "SELECT `u_name` from `users` where `u_name` = '.$u_id.' and `pass` = '.$pwd.' and `type` = '.$portal.'"; $result=mysql_query($strSQL, $conn) or exit("sql Error:".mysql_error()); //logic test $numrows=mysql_num_rows($result); //error below here if($numrows=1){ /*echo "success"; echo "Name:".$u_id."</br>";*/ //user access if ($portal="user"){ header("Location:upload.html"); } else{ echo "login error"; return false; } //dealer access even with wrong credentials this is opened if ($portal="dealer"){ header ("Location:select.html"); } //administrator access elseif ($portal="admin"){ header ("Location : login.html"); } } else{ echo" Login Failed"; echo "</br><a href='#' onclick='window.history.back();'>Click Here</a>"; } ?>
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards,
Yegon Victor | Web Specialist/Internet Consultant |
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards, Peter Karunyu -------------------
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards, Zack K. Githinji Technical Officer,
Cell:+254 722 649199 E-mail:zachgithinji@gmail.com
"God grant me the serenity to accept the things I cannot change, the courage to change the things I can, and the wisdom to know the difference."
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Best Regards, _ _ ____ __ _ __ _ _ _ Y [__] | \| | \| Y Email: yonnym@gmail.com Skype: yonny4103PGP Public Key http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC31163AE5A98C30A DISCLAIMER: The information contained in or accompanying this e-mail is intended for the use of the stated recipient only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mis-transmission.If you receive this message in error, please immediately delete it and all copies of it from your system, destroy any hard copies of it and notify the sender.You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient.
@Victor from my understanding, $u_id is just a variable. Correct me if i am wrong but I think I can call it anything as long as I am consistent with its use. @Peter and Kennedy I had been using that and all I got was a blank page although the address bar showed it had moved to my php file. On Wed, Apr 24, 2013 at 2:59 PM, Kennedy Kairu Kariuki <kkairu@gmail.com>wrote:
True Peter. Also the other parts where you are doing comparison and not assignment.
On Wed, Apr 24, 2013 at 2:56 PM, Peter Karunyu <pkarunyu@gmail.com> wrote:
I suspect it's line 18 where you state thus:
*if($numrows=1){* * * I reckon you wanted to say:
*if($numrows == 1){*
On Wed, Apr 24, 2013 at 2:46 PM, Victor Yegon <viktayeg@gmail.com> wrote:
How do you assign username an id??
On Wed, Apr 24, 2013 at 2:40 PM, Andrew Nduati <nduatiandrew@gmail.com>wrote:
Afternoon people, I urgently need someone to look at my code below and tell my why: 1. The wrong credentials allow one access. 2. Only the dealers page is opening even after selecting user or admin portals. Looking forward to helpful feedback thanks. *THE CODE:* <?php $portal=$_POST['portal']; $u_id=$_POST['uname']; $pwd=$_POST['upass']; //my sql part $host="localhost"; $dbuser="root"; $dbpass=""; //connect to the database $conn= mysql_connect($host,$dbuser,$dbpass) or exit("Connection Error".mysql_error()); mysql_select_db('cars') or exit("Database not found"); //The Query $strSQL= "SELECT `u_name` from `users` where `u_name` = '.$u_id.' and `pass` = '.$pwd.' and `type` = '.$portal.'"; $result=mysql_query($strSQL, $conn) or exit("sql Error:".mysql_error()); //logic test $numrows=mysql_num_rows($result); //error below here if($numrows=1){ /*echo "success"; echo "Name:".$u_id."</br>";*/ //user access if ($portal="user"){ header("Location:upload.html"); } else{ echo "login error"; return false; } //dealer access even with wrong credentials this is opened if ($portal="dealer"){ header ("Location:select.html"); } //administrator access elseif ($portal="admin"){ header ("Location : login.html"); } } else{ echo" Login Failed"; echo "</br><a href='#' onclick='window.history.back();'>Click Here</a>"; } ?>
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards,
Yegon Victor | Web Specialist/Internet Consultant |
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards, Peter Karunyu -------------------
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
@Zack tried it and the error I have gotten is: "*Parse error*: syntax error, unexpected T_ELSEIF.... on line 30" @Yoni. Please explain. Have not come across such before. On Wed, Apr 24, 2013 at 3:06 PM, Andrew Nduati <nduatiandrew@gmail.com>wrote:
@Victor from my understanding, $u_id is just a variable. Correct me if i am wrong but I think I can call it anything as long as I am consistent with its use.
@Peter and Kennedy I had been using that and all I got was a blank page although the address bar showed it had moved to my php file.
On Wed, Apr 24, 2013 at 2:59 PM, Kennedy Kairu Kariuki <kkairu@gmail.com>wrote:
True Peter. Also the other parts where you are doing comparison and not assignment.
On Wed, Apr 24, 2013 at 2:56 PM, Peter Karunyu <pkarunyu@gmail.com>wrote:
I suspect it's line 18 where you state thus:
*if($numrows=1){* * * I reckon you wanted to say:
*if($numrows == 1){*
On Wed, Apr 24, 2013 at 2:46 PM, Victor Yegon <viktayeg@gmail.com>wrote:
How do you assign username an id??
On Wed, Apr 24, 2013 at 2:40 PM, Andrew Nduati <nduatiandrew@gmail.com>wrote:
Afternoon people, I urgently need someone to look at my code below and tell my why: 1. The wrong credentials allow one access. 2. Only the dealers page is opening even after selecting user or admin portals. Looking forward to helpful feedback thanks. *THE CODE:* <?php $portal=$_POST['portal']; $u_id=$_POST['uname']; $pwd=$_POST['upass']; //my sql part $host="localhost"; $dbuser="root"; $dbpass=""; //connect to the database $conn= mysql_connect($host,$dbuser,$dbpass) or exit("Connection Error".mysql_error()); mysql_select_db('cars') or exit("Database not found"); //The Query $strSQL= "SELECT `u_name` from `users` where `u_name` = '.$u_id.' and `pass` = '.$pwd.' and `type` = '.$portal.'"; $result=mysql_query($strSQL, $conn) or exit("sql Error:".mysql_error()); //logic test $numrows=mysql_num_rows($result); //error below here if($numrows=1){ /*echo "success"; echo "Name:".$u_id."</br>";*/ //user access if ($portal="user"){ header("Location:upload.html"); } else{ echo "login error"; return false; } //dealer access even with wrong credentials this is opened if ($portal="dealer"){ header ("Location:select.html"); } //administrator access elseif ($portal="admin"){ header ("Location : login.html"); } } else{ echo" Login Failed"; echo "</br><a href='#' onclick='window.history.back();'>Click Here</a>"; } ?>
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards,
Yegon Victor | Web Specialist/Internet Consultant |
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards, Peter Karunyu -------------------
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
@Nduati, try the code below, but, like Kairu said, there were other places where you are using = instead of ==. <?php $portal=$_POST['portal']; $u_id=$_POST['uname']; $pwd=$_POST['upass']; //my sql part $host="localhost"; $dbuser="root"; $dbpass=""; //connect to the database $conn = mysql_connect($host,$dbuser,$dbpass) or exit("Connection Error".mysql_error()); mysql_select_db('cars') or exit("Database not found"); //The Query $strSQL = "SELECT `u_name` from `users` where `u_name` = '.$u_id.' and `pass` = '.$pwd.' and `type` = '.$portal.'"; $result = mysql_query($strSQL, $conn) or exit("sql Error:".mysql_error()); //logic test $numrows = mysql_num_rows($result); //error below here if($numrows == 1){ //user access if ($portal == "user"){ header("Location:upload.html"); } elseif ($portal == "dealer"){ header ("Location:select.html"); } elseif ($portal == "admin"){ header ("Location : login.html"); } else { echo "login error"; return false; } } else{ echo" Login Failed"; echo "</br><a href='#' onclick='window.history.back();'>Click Here</a>"; } ?> On Wed, Apr 24, 2013 at 3:12 PM, Andrew Nduati <nduatiandrew@gmail.com>wrote:
@Zack tried it and the error I have gotten is: "*Parse error*: syntax error, unexpected T_ELSEIF.... on line 30"
@Yoni. Please explain. Have not come across such before.
On Wed, Apr 24, 2013 at 3:06 PM, Andrew Nduati <nduatiandrew@gmail.com>wrote:
@Victor from my understanding, $u_id is just a variable. Correct me if i am wrong but I think I can call it anything as long as I am consistent with its use.
@Peter and Kennedy I had been using that and all I got was a blank page although the address bar showed it had moved to my php file.
On Wed, Apr 24, 2013 at 2:59 PM, Kennedy Kairu Kariuki <kkairu@gmail.com>wrote:
True Peter. Also the other parts where you are doing comparison and not assignment.
On Wed, Apr 24, 2013 at 2:56 PM, Peter Karunyu <pkarunyu@gmail.com>wrote:
I suspect it's line 18 where you state thus:
*if($numrows=1){* * * I reckon you wanted to say:
*if($numrows == 1){*
On Wed, Apr 24, 2013 at 2:46 PM, Victor Yegon <viktayeg@gmail.com>wrote:
How do you assign username an id??
On Wed, Apr 24, 2013 at 2:40 PM, Andrew Nduati <nduatiandrew@gmail.com
wrote:
Afternoon people, I urgently need someone to look at my code below and tell my why: 1. The wrong credentials allow one access. 2. Only the dealers page is opening even after selecting user or admin portals. Looking forward to helpful feedback thanks. *THE CODE:* <?php $portal=$_POST['portal']; $u_id=$_POST['uname']; $pwd=$_POST['upass']; //my sql part $host="localhost"; $dbuser="root"; $dbpass=""; //connect to the database $conn= mysql_connect($host,$dbuser,$dbpass) or exit("Connection Error".mysql_error()); mysql_select_db('cars') or exit("Database not found"); //The Query $strSQL= "SELECT `u_name` from `users` where `u_name` = '.$u_id.' and `pass` = '.$pwd.' and `type` = '.$portal.'"; $result=mysql_query($strSQL, $conn) or exit("sql Error:".mysql_error()); //logic test $numrows=mysql_num_rows($result); //error below here if($numrows=1){ /*echo "success"; echo "Name:".$u_id."</br>";*/ //user access if ($portal="user"){ header("Location:upload.html"); } else{ echo "login error"; return false; } //dealer access even with wrong credentials this is opened if ($portal="dealer"){ header ("Location:select.html"); } //administrator access elseif ($portal="admin"){ header ("Location : login.html"); } } else{ echo" Login Failed"; echo "</br><a href='#' onclick='window.history.back();'>Click Here</a>"; } ?>
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards,
Yegon Victor | Web Specialist/Internet Consultant |
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards, Peter Karunyu -------------------
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards, Peter Karunyu -------------------
And what Yoni is implying is that, your code as is right now can be easily hacked by a standard 1 kid from Malaysia with their eyes closed :-) Specifically due to the lines below: $portal=$_POST['portal']; $u_id=$_POST['uname']; $pwd=$_POST['upass']; $strSQL = "SELECT `u_name` from `users` where `u_name` = '.$u_id.' and `pass` = '.$pwd.' and `type` = '.$portal.'"; There's lots of examples on the net on how to bypass your login using SQL Injection. A quick and dirty way of fixing it is thus: $portal=mysql_real_escape_string(strip_tags(trim($_POST['portal']))); $u_id=mysql_real_escape_string(strip_tags(trim($_POST['uname']))); $pwd=mysql_real_escape_string(strip_tags(trim($_POST['upass']))); On Wed, Apr 24, 2013 at 3:15 PM, Peter Karunyu <pkarunyu@gmail.com> wrote:
@Nduati, try the code below, but, like Kairu said, there were other places where you are using = instead of ==.
<?php $portal=$_POST['portal']; $u_id=$_POST['uname']; $pwd=$_POST['upass']; //my sql part $host="localhost"; $dbuser="root"; $dbpass=""; //connect to the database $conn = mysql_connect($host,$dbuser,$dbpass) or exit("Connection Error".mysql_error()); mysql_select_db('cars') or exit("Database not found"); //The Query $strSQL = "SELECT `u_name` from `users` where `u_name` = '.$u_id.' and `pass` = '.$pwd.' and `type` = '.$portal.'"; $result = mysql_query($strSQL, $conn) or exit("sql Error:".mysql_error()); //logic test $numrows = mysql_num_rows($result); //error below here if($numrows == 1){ //user access if ($portal == "user"){ header("Location:upload.html"); } elseif ($portal == "dealer"){ header ("Location:select.html"); } elseif ($portal == "admin"){ header ("Location : login.html"); } else { echo "login error"; return false; } } else{ echo" Login Failed"; echo "</br><a href='#' onclick='window.history.back();'>Click Here</a>"; } ?>
On Wed, Apr 24, 2013 at 3:12 PM, Andrew Nduati <nduatiandrew@gmail.com>wrote:
@Zack tried it and the error I have gotten is: "*Parse error*: syntax error, unexpected T_ELSEIF.... on line 30"
@Yoni. Please explain. Have not come across such before.
On Wed, Apr 24, 2013 at 3:06 PM, Andrew Nduati <nduatiandrew@gmail.com>wrote:
@Victor from my understanding, $u_id is just a variable. Correct me if i am wrong but I think I can call it anything as long as I am consistent with its use.
@Peter and Kennedy I had been using that and all I got was a blank page although the address bar showed it had moved to my php file.
On Wed, Apr 24, 2013 at 2:59 PM, Kennedy Kairu Kariuki <kkairu@gmail.com
wrote:
True Peter. Also the other parts where you are doing comparison and not assignment.
On Wed, Apr 24, 2013 at 2:56 PM, Peter Karunyu <pkarunyu@gmail.com>wrote:
I suspect it's line 18 where you state thus:
*if($numrows=1){* * * I reckon you wanted to say:
*if($numrows == 1){*
On Wed, Apr 24, 2013 at 2:46 PM, Victor Yegon <viktayeg@gmail.com>wrote:
How do you assign username an id??
On Wed, Apr 24, 2013 at 2:40 PM, Andrew Nduati < nduatiandrew@gmail.com> wrote:
> Afternoon people, I urgently need someone to look at my code below > and tell my why: > 1. The wrong credentials allow one access. > 2. Only the dealers page is opening even after selecting user or > admin portals. > Looking forward to helpful feedback thanks. > *THE CODE:* > <?php > $portal=$_POST['portal']; > $u_id=$_POST['uname']; > $pwd=$_POST['upass']; > //my sql part > $host="localhost"; > $dbuser="root"; > $dbpass=""; > //connect to the database > $conn= mysql_connect($host,$dbuser,$dbpass) or exit("Connection > Error".mysql_error()); > mysql_select_db('cars') or exit("Database not found"); > //The Query > $strSQL= "SELECT `u_name` from `users` where `u_name` = '.$u_id.' > and `pass` = '.$pwd.' and `type` = '.$portal.'"; > $result=mysql_query($strSQL, $conn) or exit("sql > Error:".mysql_error()); > //logic test > $numrows=mysql_num_rows($result); > //error below here > if($numrows=1){ > /*echo "success"; > echo "Name:".$u_id."</br>";*/ > //user access > if ($portal="user"){ > header("Location:upload.html"); > } > else{ > echo "login error"; > return false; > } > //dealer access even with wrong credentials this is opened > if ($portal="dealer"){ > header ("Location:select.html"); > } > //administrator access > elseif ($portal="admin"){ > header ("Location : login.html"); > } > } > else{ > echo" Login Failed"; > echo "</br><a href='#' onclick='window.history.back();'>Click > Here</a>"; > } > ?> > > _______________________________________________ > skunkworks mailing list > skunkworks@lists.my.co.ke > ------------ > List info, subscribe/unsubscribe > http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks > ------------ > > Skunkworks Rules > http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 > ------------ > Other services @ http://my.co.ke >
-- Regards,
Yegon Victor | Web Specialist/Internet Consultant |
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards, Peter Karunyu -------------------
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards, Peter Karunyu -------------------
-- Regards, Peter Karunyu -------------------
Peter the code has worked!! Thank you all!! Also the additional security feature is something to brag about when I get to class. Thanks Skunks :-) On 4/24/13, Peter Karunyu <pkarunyu@gmail.com> wrote:
And what Yoni is implying is that, your code as is right now can be easily hacked by a standard 1 kid from Malaysia with their eyes closed :-)
Specifically due to the lines below:
$portal=$_POST['portal']; $u_id=$_POST['uname']; $pwd=$_POST['upass'];
$strSQL = "SELECT `u_name` from `users` where `u_name` = '.$u_id.' and `pass` = '.$pwd.' and `type` = '.$portal.'";
There's lots of examples on the net on how to bypass your login using SQL Injection.
A quick and dirty way of fixing it is thus:
$portal=mysql_real_escape_string(strip_tags(trim($_POST['portal']))); $u_id=mysql_real_escape_string(strip_tags(trim($_POST['uname']))); $pwd=mysql_real_escape_string(strip_tags(trim($_POST['upass'])));
On Wed, Apr 24, 2013 at 3:15 PM, Peter Karunyu <pkarunyu@gmail.com> wrote:
@Nduati, try the code below, but, like Kairu said, there were other places where you are using = instead of ==.
<?php $portal=$_POST['portal']; $u_id=$_POST['uname']; $pwd=$_POST['upass']; //my sql part $host="localhost"; $dbuser="root"; $dbpass=""; //connect to the database $conn = mysql_connect($host,$dbuser,$dbpass) or exit("Connection Error".mysql_error()); mysql_select_db('cars') or exit("Database not found"); //The Query $strSQL = "SELECT `u_name` from `users` where `u_name` = '.$u_id.' and `pass` = '.$pwd.' and `type` = '.$portal.'"; $result = mysql_query($strSQL, $conn) or exit("sql Error:".mysql_error()); //logic test $numrows = mysql_num_rows($result); //error below here if($numrows == 1){ //user access if ($portal == "user"){ header("Location:upload.html"); } elseif ($portal == "dealer"){ header ("Location:select.html"); } elseif ($portal == "admin"){ header ("Location : login.html"); } else { echo "login error"; return false; } } else{ echo" Login Failed"; echo "</br><a href='#' onclick='window.history.back();'>Click Here</a>"; } ?>
On Wed, Apr 24, 2013 at 3:12 PM, Andrew Nduati <nduatiandrew@gmail.com>wrote:
@Zack tried it and the error I have gotten is: "*Parse error*: syntax error, unexpected T_ELSEIF.... on line 30"
@Yoni. Please explain. Have not come across such before.
On Wed, Apr 24, 2013 at 3:06 PM, Andrew Nduati <nduatiandrew@gmail.com>wrote:
@Victor from my understanding, $u_id is just a variable. Correct me if i am wrong but I think I can call it anything as long as I am consistent with its use.
@Peter and Kennedy I had been using that and all I got was a blank page although the address bar showed it had moved to my php file.
On Wed, Apr 24, 2013 at 2:59 PM, Kennedy Kairu Kariuki <kkairu@gmail.com
wrote:
True Peter. Also the other parts where you are doing comparison and not assignment.
On Wed, Apr 24, 2013 at 2:56 PM, Peter Karunyu <pkarunyu@gmail.com>wrote:
I suspect it's line 18 where you state thus:
*if($numrows=1){* * * I reckon you wanted to say:
*if($numrows == 1){*
On Wed, Apr 24, 2013 at 2:46 PM, Victor Yegon <viktayeg@gmail.com>wrote:
> How do you assign username an id?? > > > On Wed, Apr 24, 2013 at 2:40 PM, Andrew Nduati < > nduatiandrew@gmail.com> wrote: > >> Afternoon people, I urgently need someone to look at my code below >> and tell my why: >> 1. The wrong credentials allow one access. >> 2. Only the dealers page is opening even after selecting user or >> admin portals. >> Looking forward to helpful feedback thanks. >> *THE CODE:* >> <?php >> $portal=$_POST['portal']; >> $u_id=$_POST['uname']; >> $pwd=$_POST['upass']; >> //my sql part >> $host="localhost"; >> $dbuser="root"; >> $dbpass=""; >> //connect to the database >> $conn= mysql_connect($host,$dbuser,$dbpass) or exit("Connection >> Error".mysql_error()); >> mysql_select_db('cars') or exit("Database not found"); >> //The Query >> $strSQL= "SELECT `u_name` from `users` where `u_name` = '.$u_id.' >> and `pass` = '.$pwd.' and `type` = '.$portal.'"; >> $result=mysql_query($strSQL, $conn) or exit("sql >> Error:".mysql_error()); >> //logic test >> $numrows=mysql_num_rows($result); >> //error below here >> if($numrows=1){ >> /*echo "success"; >> echo "Name:".$u_id."</br>";*/ >> //user access >> if ($portal="user"){ >> header("Location:upload.html"); >> } >> else{ >> echo "login error"; >> return false; >> } >> //dealer access even with wrong credentials this is opened >> if ($portal="dealer"){ >> header ("Location:select.html"); >> } >> //administrator access >> elseif ($portal="admin"){ >> header ("Location : login.html"); >> } >> } >> else{ >> echo" Login Failed"; >> echo "</br><a href='#' onclick='window.history.back();'>Click >> Here</a>"; >> } >> ?> >> >> _______________________________________________ >> skunkworks mailing list >> skunkworks@lists.my.co.ke >> ------------ >> List info, subscribe/unsubscribe >> http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks >> ------------ >> >> Skunkworks Rules >> http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 >> ------------ >> Other services @ http://my.co.ke >> > > > > -- > Regards, > > Yegon Victor | Web Specialist/Internet Consultant | > > > > _______________________________________________ > skunkworks mailing list > skunkworks@lists.my.co.ke > ------------ > List info, subscribe/unsubscribe > http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks > ------------ > > Skunkworks Rules > http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 > ------------ > Other services @ http://my.co.ke >
-- Regards, Peter Karunyu -------------------
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards, Peter Karunyu -------------------
-- Regards, Peter Karunyu -------------------
Glad it did. Wait till you are able implement MVC then you shall have something to brag about :-) Just so you and your classmates know, a couple of skunks who are PHP/MySQL "enthusiasts" are putting together a sort of mentorship class, if you interested, let me know. On 24 Apr 2013, at 18:48, Tony Likhanga <tlikhanga@gmail.com> wrote:
2013/4/24 Andrew Nduati <nduatiandrew@gmail.com> Peter the code has worked!! Thank you all!!
Also the additional security feature is something to brag about when I get to class.
So, was this a class assignment? <32B.gif> <32B.gif><32B.gif> _______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
@karunyu how can I possibly contribute to the class? On Wed, Apr 24, 2013 at 8:08 PM, Peter Karunyu <pkarunyu@gmail.com> wrote:
Glad it did. Wait till you are able implement MVC then you shall have something to brag about :-)
Just so you and your classmates know, a couple of skunks who are PHP/MySQL "enthusiasts" are putting together a sort of mentorship class, if you interested, let me know.
On 24 Apr 2013, at 18:48, Tony Likhanga <tlikhanga@gmail.com> wrote:
*2013/4/24 Andrew Nduati <nduatiandrew@gmail.com> *
*Peter the code has worked!! Thank you all!!
Also the additional security feature is something to brag about when I get to class.*
So, was this a class assignment? <32B.gif> <32B.gif><32B.gif>
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
We are thinking of starting with Google hangouts, will keep ye in the loop once the logistics are sorted out On 25 Apr 2013, at 17:18, "Nd'wex Common" <flexycat@gmail.com> wrote:
@karunyu how can I possibly contribute to the class?
On Wed, Apr 24, 2013 at 8:08 PM, Peter Karunyu <pkarunyu@gmail.com> wrote: Glad it did. Wait till you are able implement MVC then you shall have something to brag about :-)
Just so you and your classmates know, a couple of skunks who are PHP/MySQL "enthusiasts" are putting together a sort of mentorship class, if you interested, let me know.
On 24 Apr 2013, at 18:48, Tony Likhanga <tlikhanga@gmail.com> wrote:
2013/4/24 Andrew Nduati <nduatiandrew@gmail.com> Peter the code has worked!! Thank you all!!
Also the additional security feature is something to brag about when I get to class.
So, was this a class assignment? <32B.gif> <32B.gif><32B.gif> _______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
Sign me up please. On 4/25/13, Peter Karunyu <pkarunyu@gmail.com> wrote:
We are thinking of starting with Google hangouts, will keep ye in the loop once the logistics are sorted out
On 25 Apr 2013, at 17:18, "Nd'wex Common" <flexycat@gmail.com> wrote:
@karunyu how can I possibly contribute to the class?
On Wed, Apr 24, 2013 at 8:08 PM, Peter Karunyu <pkarunyu@gmail.com> wrote: Glad it did. Wait till you are able implement MVC then you shall have something to brag about :-)
Just so you and your classmates know, a couple of skunks who are PHP/MySQL "enthusiasts" are putting together a sort of mentorship class, if you interested, let me know.
On 24 Apr 2013, at 18:48, Tony Likhanga <tlikhanga@gmail.com> wrote:
2013/4/24 Andrew Nduati <nduatiandrew@gmail.com> Peter the code has worked!! Thank you all!!
Also the additional security feature is something to brag about when I get to class.
So, was this a class assignment? <32B.gif> <32B.gif><32B.gif> _______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
participants (8)
-
Andrew Nduati -
Kennedy Kairu Kariuki -
Nd'wex Common -
Peter Karunyu -
Tony Likhanga -
Victor Yegon -
Yoni Mutai -
Zack Githinji