'How can I make this log-in system un-exploitable
I've made a python login system. But i think that this is easily exploitable. I don't really know php and mysql lot so I can't figure out how can I make it protected and server-sided.
Here's my code:
import time
import webbrowser
import os
import mysql.connector
conn = mysql.connector.connect(host="localhost", user="root", password="mysqldatabase",
database="pazearn")
cursor=conn.cursor()
selectquery="select * from accounts"
cursor.execute(selectquery)
records=cursor.fetchall()
addur = 1
epc = 22
print("Welcome to Pazearn")
print("Login to your account\n")
username = input("Username: ")
password = input("Password: ")
money = 0
isval = False
for row in records:
if row[0] == username and row[1] == password:
isval = True
money = row[2]
break
if isval == False:
print("[SYSTEM]: Invalid username or password, restart the program to re-enter.")
time.sleep(10)
quit()
else:
os.system("cls")
print("[SYSTEM]: Welcome back, " + username)
print("[SYSTEM]: Booting system, please wait.")
time.sleep(2)
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|