Tekil Mesaj gösterimi - Cursorun saçmalığı hakkında

Konu Cursorun saçmalığı hakkında

31-05-2025, 22:34:46

cursor a oldum olası pek ısınamamışımdır

Promptta biraz daha ayrıntılı bilgiler vermek gerekiyor. Büyük ihtimalle o nedenle bocalıyordur. Aşağıdaki promptu kendinize göre düzenleyip birşeyler yaptırabilirsiniz:

Develop a secure and robust PHP-based administrative panel login system. The system must adhere to modern security practices and provide a seamless user experience.

**Key Features:**
1. **User Authentication:** Implement a secure login and logout mechanism.
2. **"Remember Me" Functionality:** Allow users to remain logged in for 30 days using a secure, token-based approach.
3. **Centralized Request Handling:** All incoming requests must be routed through `index.php`.
4. **Conditional Redirection:**
* If a user is authenticated, `index.php` must redirect to `dashboard.php`.
* If a user is not authenticated, `index.php` must redirect to `login.php`.
* Upon successful login, `login.php` must redirect the user to `dashboard.php`.

**Technical Requirements:**
* **PHP Version:** Utilize PHP 7.4+ features.
* **Database:** MySQL. Provide the SQL schema for a `users` table including `id` (INT, PK, AUTO_INCREMENT), `username` (VARCHAR, UNIQUE), `password` (VARCHAR, for hashed passwords), `remember_token` (VARCHAR, NULLABLE), and `remember_token_expires_at` (DATETIME, NULLABLE).
* **Security:**
* **Password Hashing:** Employ `password_hash()` and `password_verify()` for secure password storage and verification.
* **SQL Injection Prevention:** Use PHP Data Objects (PDO) with prepared statements for all database interactions.
* **Session Management:** Implement secure session practices, including `session_regenerate_id()` upon login and `httponly` session cookies.
* **"Remember Me" Token Security:** Generate cryptographically secure tokens, store hashed tokens in the database, and use `httponly` cookies for the raw token.
* **Input Validation:** Basic validation for login credentials.
* **CSRF Protection:** Implement a basic CSRF token for the login form.
* **File Structure:**
* `index.php`: Main entry point and router.
* `login.php`: Handles login form display and submission.
* `dashboard.php`: Protected content accessible only to logged-in users.
* `config.php`: Database connection parameters and other configurations.
* `auth.php`: Contains core authentication functions (e.g., `loginUser`, `logoutUser`, `checkAuth`, `handleRememberMe`).
* `database.sql`: SQL script for table creation.
* **Error Handling:** Implement basic error messaging for login failures.

**Deliverables:**
Provide complete, runnable PHP code files for each specified component and the `database.sql` schema. Ensure the code is modular, well-commented, and adheres to professional PHP coding standards.