Thread: Help me

    #1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2013
    Posts
    1
    Rep Power
    0

    Help me


    please help me to call this url in php

    "http://obewesms:8080/DCreditCheck/checkcredits?username=$userid&password=$pass
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Loyal (3000 - 3499 posts)

    Join Date
    Jul 2003
    Posts
    3,401
    Rep Power
    594
    There are 10 kinds of people in the world. Those that understand binary and those that don't.
  4. #3
  5. No Profile Picture
    I haz teh codez!
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Dec 2003
    Posts
    2,548
    Rep Power
    2337
    Sending username and password in a GET request in the clear?

    Major, MAJOR security fail.
    I ♥ ManiacDan & requinix

    This is a sig, and not necessarily a comment on the OP:
    Please don't be a help vampire!
  6. #4
  7. Sarcky
    Devshed Supreme Being (6500+ posts)

    Join Date
    Oct 2006
    Location
    Pennsylvania, USA
    Posts
    10,871
    Rep Power
    6351
    It's an internal LAN server, based on the URL they're using. Slightly less fail, but still dumb.
    HEY! YOU! Read the New User Guide and Forum Rules

    "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin

    "The greatest tragedy of this changing society is that people who never knew what it was like before will simply assume that this is the way things are supposed to be." -2600 Magazine, Fall 2002

    Think we're being rude? Maybe you asked a bad question or you're a Help Vampire. Trying to argue intelligently? Please read this.
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2012
    Location
    Virginia
    Posts
    46
    Rep Power
    3
    Simple you want to use PHP's GET. Now excuse me while make a suggestion. Don't store passwords in a URL string, and while storing the ID there isn't as bad as the password, However I still suggest that be kept somewhat more secure by embracing something called a SESSION do this and you will make a far more secure authentication system for your application.
    If my post answered your question please give rep.

IMN logo majestic logo threadwatch logo seochat tools logo