I have a problems with C#, PHP, MYSQLi. I made a form for Login & Registration system with
This a simple C# function for user registration.
IEnumerator registrar( string name, string username, string email, string password ) {
// This is what sends messages to our php script
WWWForm form = new WWWForm();
// The fields are the variables we are sending
form.AddField("name", name);
form.AddField("username", username);
form.AddField("email", email);
form.AddField("password", password);
//string url = "http://www.my-server.com/registrar.php";
string url = "http://localhost/registrar.php";
UnityWebRequest www = UnityWebRequest.Post(url, form);
// Wait for php to send something back to unity
yield return www.SendWebRequest();
if (
www.isNetworkError || www.isHttpError
) {
Debug.Log("Error!");
} else {
Debug.Log("Complete!");
}}
__
// Database variables
$db_host = "localhost";
$db_user = "root";
$db_password = "test";
$db_name = "test";
// Connect to database.
$db = mysqli_connect($db_host, $db_user, $db_password, $db_name);
// User variables
$name = $db->real_escape_string($_POST["name"]);
$username = $db->real_escape_string($_POST["username"]);
$email = $db->real_escape_string($_POST["email"]);
$password = $db->real_escape_string($_POST["password"]);
$password_hash = password_hash($password, PASSWORD_DEFAULT);
// E-mail can not be empty
if(
!empty($email)
&&
!empty($username)
&&
!empty($password)
) {
// Insert user data
$db->query("INSERT INTO `user`(`username`, `name`, `email`, `password`) VALUES ('$username', '$name', '$email', '$password_hash')");
// Display...
echo "Success!";
} else {
// Display an error
echo "Error!";
}
?>
Everything is OK, The PHP code are work to.
But my problem now what gonna happen if the hackers get the URL of registration page, And make for himself a form just like my form and use my URL of registration page and using.
This is my problem, This problem will hack the Game data Like (Score, Total play, Time play, Otherss data).
So how can I protect & secure (request post) Do I have do something in PHP or C#.
See Question&Answers more detail:os