Web Development Questions That Don't Need Their Own Thread v2 - Developers

[QUOTE=Raptor;32171002]Yeah it's a similar idea. But it would be a little more customizable. Window size and position would be whatever you'd like it to be. Plus, I don't really like the style of it. Feels kinda cluttered in my opinion[/QUOTE] That's a hefty project for not knowing much of web design.

[QUOTE=toaster468;32171091]That's a hefty project for not knowing much of web design.[/QUOTE] Yeah I know :suicide: I guess my main question here is- Is it worth pursuing if it's done correctly?

What's a decent IDE for general web dev? I'm looking for one that has can upload from the IDE, and has an autocomplete similar to NetBeans (I forgot what it's called though) [img]http://imgf.tw/671730463.png[/img] I heard NetBeans was good, but the upload feature doesn't work for me, so I need to find another one.

Maybe try the Microsoft web developer studio? Haven't used it much since I just use sublime text but might be worth a look.

How do you [B]securely [/B]remember if a user is logged in using a cookie?

[QUOTE=Lequinx;32176005]How do you [B]securely [/B]remember if a user is logged in using a cookie?[/QUOTE] Store username and encrypted password in a cookie (after logging in). If the cookie data is set then log the user in automatically. If there is no cookie then obviously direct them to the log in page. If they logout then delete the cookie. Only way someone can snatch it is if they have access to the user's personal cookie file, but the password is also encrypted.

[QUOTE=Anti Christ;32172873]What's a decent IDE for general web dev? I'm looking for one that has can upload from the IDE, and has an autocomplete similar to NetBeans (I forgot what it's called though) [img]http://imgf.tw/671730463.png[/img] I heard NetBeans was good, but the upload feature doesn't work for me, so I need to find another one.[/QUOTE] Vim :v: [img]http://cl.ly/2G0v1r3c2h1w1n2C190t/Image_2011-09-08_at_6.03.10_PM.png[/img] Ctrl + X + O for autocomplete, and [url=http://www.vim.org/scripts/script.php?script_id=1075]Netrw[/url] for uploading. Plus, you just can't say no to hot pink! Actually I don't know if I want to recommend Vim or not for being able to upload, since I've only used Netrw for local directory browsing (I use FireFTP for FTP, WinSCP for SCP but considering using it for FTP too), plus I'm still very new to Vim, but oh well :v:

[url]http://www.easyphp.org/[/url] anyone else use this? it is pretty nice i can put it on a usb drive and take it to school, with no reg errors.

[QUOTE=R1Z3;32176733]Store username and encrypted password in a cookie (after logging in). If the cookie data is set then log the user in automatically. If there is no cookie then obviously direct them to the log in page. If they logout then delete the cookie. Only way someone can snatch it is if they have access to the user's personal cookie file, but the password is also encrypted.[/QUOTE] Also, for what it's worth, [url=http://www.gnucitizen.org/blog/why-httponly-wont-protect-you/]HTTP-Only cookies.[/url]

[QUOTE=R1Z3;32176733]Store username and encrypted password in a cookie (after logging in). If the cookie data is set then log the user in automatically. If there is no cookie then obviously direct them to the log in page. If they logout then delete the cookie. Only way someone can snatch it is if they have access to the user's personal cookie file, but the password is also encrypted.[/QUOTE] I advice against this. You shouldn't encrypt the password but hash it. The best thing to do would be to not send it back where it could be intercepted by someone, but generate a random hash and put it in a session. You then check that one with the one in the DB.

Don't stick hashed passwords in cookies either. That opens you up to rainbow table attacks. Store a unique hash that is used explicitly to verify the cookies.

I am looking for a simple file upload/file dump script with a working progress bar in PHP with javascript, anyone know of any?

I like this one: [url]http://valums.com/ajax-upload/[/url] It uses JQuery.

[QUOTE=commander204;32183064]I like this one: [url]http://valums.com/ajax-upload/[/url] It uses JQuery.[/QUOTE] Not seen this one before cheers!

Anyone have any suggestions for best practices towards creating a new site using Drupal 7? I've always found the markup it generates to be pretty bloated, anything I can do to prevent that?

If I want to make a chat with 5-15 users at once, would I need to use a Comet-server? Or is it possible to do with pure PHP & JavaScript (Ajax)? I'd like the delay between message sent->message shown to be minimal.

I got a whole Cd full of tutorials on a website making, if you want it, i can just upload it to a file sharing site :P Link :P :[url]http://www.mediafire.com/?x82n74n2wadt8fv[/url]

Is this a good security measure: [php] session_start(); session_regenerate_id(); [/php]

[QUOTE=Lequinx;32205296]Is this a good security measure: [php] session_start(); session_regenerate_id(); [/php][/QUOTE] It prevents session hijacking, but a new cookie has to be sent and changed on every page load.

[QUOTE=Lequinx;32205296]Is this a good security measure: [php] session_start(); session_regenerate_id(); [/php][/QUOTE] Not really (as Jelly said, excess cookie sending). Store the users IP in the session, match that against the IP, limits session stealing to computers running on the same external IP.

Or you could just change their session id every 5-10 minutes.

I'm really new to running web servers and PHP, and instead of buying a host I decided to setup my spare PC as just a testing environment where I can try out PHP which only I can access, and basically I think either my PHP is wrong or my server settings are wrong; when I view my site on my server I get: [img]http://puu.sh/5qN4[/img] Yet when I put it on a free host to check if it's my PHP or my server I get this: [img]http://puu.sh/5qNh[/img] I'm running a default install of WAMP Server 2.1, do I need to change some PHP settings or something?

[QUOTE=Adzter;32212059]I'm really new to running web servers and PHP, and instead of buying a host I decided to setup my spare PC as just a testing environment where I can try out PHP which only I can access, and basically I think either my PHP is wrong or my server settings are wrong; when I view my site on my server I get: [img]http://puu.sh/5qN4[/img] Yet when I put it on a free host to check if it's my PHP or my server I get this: [img]http://puu.sh/5qNh[/img] I'm running a default install of WAMP Server 2.1, do I need to change some PHP settings or something?[/QUOTE]Just a tip, change that second else { if() { to [php] elseif (isset($userid)) { [/php]

[QUOTE=Octave;32212278]Just a tip, change that second else { if() { to [php] elseif (isset($userid)) { [/php][/QUOTE] Changed it, thanks, but any idea what's up with it displaying differently

Well it seems like your server isn't parsing the php at all. Do you have php installed correctly?

[QUOTE=Octave;32212379]Well it seems like your server isn't parsing the php at all. Do you have php installed correctly?[/QUOTE] It's just a default install so unless I have to change some settings then yeah it should be installed correct, is there any way to run a test? a debug page or such?

[QUOTE=Adzter;32212464]It's just a default install so unless I have to change some settings then yeah it should be installed correct, is there any way to run a test? a debug page or such?[/QUOTE] If you are having issues try using WAMP or Server2Go as it sounds like all you are trying to run is php by its self.

[QUOTE=hacksore;32212512]If you are having issues try using WAMP or Server2Go as it sounds like all you are trying to run is php by its self.[/QUOTE] [QUOTE=Adzter;32212059] I'm running a default install of WAMP Server 2.1[/QUOTE]

I've got apache, PHP and mysql all running if that helps

[QUOTE=Fizzadar;32206570]Not really (as Jelly said, excess cookie sending). Store the users IP in the session, match that against the IP, limits session stealing to computers running on the same external IP.[/QUOTE] User agent is fun too.