PHP Password Hash Function

password_hash() handles salting and algorithm selection for you. It's baked into PHP, so just use it and don't worry about how to hash and salt. BCRYPT output uses a fixed, limited character set and is OK to use directly in SQL strings. If you need to force to fixed settings


Simple Site Log In Form

In the head of each page add this. Note this must be before any HTML headers are sent (i.e. in PHP code before HTML output). Use this as the log in page. Use this as an optional log out page.


Sanitising Strings

Sanitising for HTML

'&' (ampersand) becomes '&amp;'
'"' (double quote) becomes '&quot;'
''' (single quote) becomes '&#039;'
'<' (less than) becomes '&lt;'
'>' (greater than) becomes '&gt;'

Sanitising for HTML from a form POST

If server magic quotes is turned on then it will add / before single and double quotes in the text, so strip them out […]
