Sheepoholics
New Member
- Messages
- 266
- Reaction score
- 0
- Points
- 0
So basically I'm working with security in php and am right now testing some very basic stuff. I'm wondering if you (with a little hacking knowledge) be able to successfully get into a file. So basically this is what I have set up right now.
An Html form like so
which connects to a php file that looks something like this.
Doing a security system like this seems to be farliy secure because when you view the source phpfile1.php
all you see is the raw output of either
"Password Correct"
or
"Wrong Password"
even when you go to the page directly it will still display
"Wrong Password"
Are there any holes in this?
http://www.sheepoholics.x10hosting.com/phpstuff/stuuf.html
is a test of it if you wanna look. (the password is not the same)
An Html form like so
Code:
<form action="phpfile1.php" method="post">
<p><input type="text" name="post" /></p>
<p><input type="submit" /></p>
</form>
PHP:
<?
if ($name == seceretpassword)
{
echo "Password Correct";
} else {
echo 'Wrong Password';
}
?>
all you see is the raw output of either
"Password Correct"
or
"Wrong Password"
even when you go to the page directly it will still display
"Wrong Password"
Are there any holes in this?
http://www.sheepoholics.x10hosting.com/phpstuff/stuuf.html
is a test of it if you wanna look. (the password is not the same)