Originally posted by Specter
Very cool, I used to work with PHP and kind of miss it, oh well, I may go back to it someday. In my opinion OOP is the easiest to edit and keeps things nice and organized, and OOP for PHP isn't too hard of a concept for newbies to grasp; there are plenty of online resources as well.
As for suggestions, I'd suggest having a fairly secure db class (although you mentioned prepared statements so it looks like you have that), and a decent hash method for things like passwords (for some reason a lot of people use the incredibly insecure MD5, would be nice to see something more secure =D). I'd love to help out on this if you ever need it.
The password function in PHP is the recommended, most use
You must login or register to view this content. probably because they don't even know about
You must login or register to view this content.. Some people don't take their time and go into depth with learning PHP.
Originally posted by Passion
Forum (Small one, able to post threads, reply)
AdminCP, StaffCP,
Admin able to delete/ban users.
Staff is able to give temporary bans.
Blowfish for passwords + salt
Good luck!
That's what is good about the password_hash() function, it takes "CRYPT_BLOWFISH" as a constant, you can also set a salt, but it will do it automatically for you. You can set a salt like the following:
$salt = [
    'salt' => 'salt here',
];
So to create your hashed password, you'd want to do:
password_hash('password', PASSWORD_BCRYPT);
Or with a salt:
$salt = [
    'salt' => 'salt here',
];
password_hash('password', PASSWORD_BCRYPT, $salt);
I'm honestly not familiar with the "cost", so there's nothing I can do to explain it.
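Added example, not part of the original posts: a register/login flow built on password_hash() with PASSWORD_BCRYPT, showing the automatic per-hash salt, the "cost" option (the bcrypt work factor, where each increment doubles the hashing work), and upgrading older hashes at login. The function names, the cost of 12 and the sample password are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Assumed work factor for this example; tune it to your own hardware.
const BCRYPT_OPTIONS = ['cost' => 12];

/** Hash a new password. No 'salt' option: PHP generates a random salt per call. */
function hashPassword(string $plain): string
{
    return password_hash($plain, PASSWORD_BCRYPT, BCRYPT_OPTIONS);
}

/**
 * Check a login attempt against the stored hash.
 * Returns [bool $ok, ?string $upgradedHash]; store $upgradedHash when it is not null.
 */
function checkLogin(string $plain, string $stored): array
{
    if (!password_verify($plain, $stored)) {
        return [false, null];
    }
    // True when the stored hash used a different cost or another algorithm.
    $upgraded = password_needs_rehash($stored, PASSWORD_BCRYPT, BCRYPT_OPTIONS)
        ? hashPassword($plain)
        : null;
    return [true, $upgraded];
}

// Constructed sample data.
$password = 'correct horse battery staple';

// Two hashes of the same password differ because each gets its own salt.
$a = hashPassword($password);
$b = hashPassword($password);
var_dump($a === $b);

// The algorithm and cost are stored inside the hash string itself.
print_r(password_get_info($a));

// A hash created earlier at a lower cost still verifies and is flagged for upgrade.
$old = password_hash($password, PASSWORD_BCRYPT, ['cost' => 10]);
[$ok, $new] = checkLogin($password, $old);
var_dump($ok, $new !== null);

// A wrong password fails and never triggers a rehash.
[$ok, $new] = checkLogin('wrong guess', $a);
var_dump($ok, $new);
```

The salt and cost travel inside the hash string, so only that one string needs to be stored per user, and password_verify() reads both back from it.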