Forums

The forums ran from 2008-2020 and are now closed and viewable here as an archive.

Home Forums Back End Try out my first PHP web app! Reply To: Try out my first PHP web app!

#182088
__
Participant

edit

I’m leaving the next four paragraphs because they have useful info. However, I misread your actual question, so what I worte isn’t directly relevant to what you’re asking (just listen to @chrisburton instead). So, feel free to skip this part:

Practically every computer you work with will use 127.0.0.1 as its local address. If you’re working between machines on your local network, it will be different.

As an aside, there shouldn’t be any measurable performance difference between typing http://localhost and http://127.0.0.1. If you have multiple (or oddly configured) webservers running on your computer, or if you’re connecting to some other type of local server (e.g., a database server), then you might have problems… but in general, you shouldn’t.

(You can edit your hosts file and use whatever domain name you like for your local sites. If you’re on windows, it’s usually at %SystemRoot%\system32\drivers\etc\hosts; linux (and also mac AFAIK) are in /etc/hosts. I usually set up local domain names for new projects.)

Your webhost’s IP address can be found by using a whois lookup. Just google it. However, you probably do not want to use an IP address for your hosted website. Especially with shared hosts, it is highly unlikely that your site will be the only one using its IP address. The hostname is the only way you’ll be able to find your site reliably.

edit: start reading again here

your login script:

Yes, that’s how you use prepared statements.

However, that particular query is kind of useless. Why are you asking for the username when you already know the username? Why not ask for the password hash, so you don’t have to run a second statement just for that?

Have you sketched out an overall design for how your login process will work? I often use a process like this:

$sql = 'select password_hash from users where username=?';
//  ...prep/execute statement...

if( /* you got a result */ && password_verify( $password, $password_hash ) ){
    /*  log in  */
    /*  tell them it worked  */
}
else{
    /*  waste some time  */
    time_nanosleep( 0, 500000000 );
    /*  tell them it failed  */
}