probably a super basic HTML question

[spellmanuk]

so I'm fumbling my way around HTML after not using it since I left school, just for fun I am making a landing page with a UN and password login box that was fairly easy for me to to set up however i want to actually tie that to an actual list of usernames and passwords 

 

im guessing the best way to do it is using PHP?

 

please forgive me its been about 8 years since I learned HTML so I am very rusty 

[WereCatf]

11 minutes ago, peej said:

im guessing the best way to do it is using PHP?

PHP, node.js, Python etc. -- there's plenty to choose from.

[MisterWhite]

Just add to the infinite list, you call ANY API in the backend with some basic Javascript. The submit form box just sends an HTTP POST request. Though if you are just starting PHP would be the simplest to integrate. 

[Triekster]

If you want to build a simple login system then PHP is a pretty straightforward start. It's actually easy to use and get something up and running quickly. Take note that PHP has some pitfalls regarding validation that you should familiarize yourself with.

 

Most systems use mysql/mariadb to store passwords and its recommended over simple flatfile or hardcoded.

 

Once you have advanced to a basic/intermediate understanding of how PHP works you can look into laravel or symfony as they are solid frameworks for rapid development.

 

Just keep in mind that the internet is not like it's used to be and login systems need extremem hardening to survive if you put it out in the wild.Modern login systems have a ton of features required so they won't get hacked.

 

Some basic things to look at.

• Do not store password unsalted and unhashed
• use session tokens.
• Regenerate your session token.
• Always use parameterized queries.
• Limit the amount of times someone can use the login form in x time (on the server side).
• use a content_security_policy.
• use === instead of == in php.

Just my 2 cents. Happy Programming.