{"id":69,"date":"2025-06-04T04:28:47","date_gmt":"2025-06-04T04:28:47","guid":{"rendered":"https:\/\/gurencodes.com\/blog\/wordpress\/?p=69"},"modified":"2025-06-04T05:01:47","modified_gmt":"2025-06-04T05:01:47","slug":"project-27-an-upload-page-thats-behind-a-login-screen","status":"publish","type":"post","link":"https:\/\/gurencodes.com\/blog\/wordpress\/index.php\/2025\/06\/04\/project-27-an-upload-page-thats-behind-a-login-screen\/","title":{"rendered":"Project #27:\u00a0An upload page that&#8217;s behind a login screen"},"content":{"rendered":"\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/safebooru.org\/\/samples\/4367\/sample_942514d15908b78d1e91e65df709f81ed8d12304.jpg?5821220\" alt=\"1girl bathroom bow bowtie chu_(ch_u_ing) closed_mouth commentary different_reflection eyes_visible_through_hair finger_to_mouth hair_ornament hair_over_one_eye hand_mirror highres indoors long_hair looking_at_viewer mirror mouth_hold nijisanji pink_eyes pink_hair plaid_clothes plaid_skirt ponytail red_bow red_bowtie red_skirt reflection shiina_yuika skirt smile solo sweater symbol-only_commentary toothbrush virtual_youtuber white_sweater\"\/><\/figure>\n\n\n\n<p><a href=\"https:\/\/gurencodes.com\/pages\/uploadpagebehindloginscreen\/login.php\" data-type=\"link\" data-id=\"https:\/\/gurencodes.com\/pages\/uploadpagebehindloginscreen\/login.php\">Link<\/a><\/p>\n\n\n\n<p><strong>Estimated date of creation:<\/strong>&nbsp;May 16th, 2025<\/p>\n\n\n\n<p><strong>Status:<\/strong>&nbsp;Online \ud83d\udfe2<\/p>\n\n\n\n<p>I still don&#8217;t fully trust the internet. In this journey of learning full-stack and back-end development, I&#8217;ve been thinking a lot about how not to get my site blown up. I go through a VPS host, and don&#8217;t want their computer to get compromised, don&#8217;t want weird stuff in my storage, and also don&#8217;t want my own credentials to get leaked. I&#8217;ve had to learn quite a bit about Linux security already, such as learning file permissions, keeping SSH access off for the root account, keeping sensitive information outside of the Apache domain root, etc.<\/p>\n\n\n\n<p>Well, I&#8217;m interested in creating more advanced websites in the future, where someone could upload something to their account. Today&#8217;s project is about letting me (and only me) log into a page, and then upload something to the server. I don&#8217;t currently trust the internet enough to just leave an open upload link sitting on a webpage, where they can&#8217;t get back their data but can upload whatever. Seems like a recipe for having weird stuff uploaded to my server. I don&#8217;t really want that.<\/p>\n\n\n\n<p>Anyways, this was quite a challenge. This was a combination of 3 major steps I&#8217;ve been working on lately, which is database usage (it calls my credentials out of the database), login screens, and upload pages.<\/p>\n\n\n\n<p>I&#8217;ll try to add picures here soon to show what&#8217;s actually happening behind the scenes, since this is one of my mysterious entries.<\/p>\n\n\n\n<p>Certain PHP functions I learned for this were session variable stuff like session_start() and session_destroy(), all the MySQLi connect methods like query() and fetch_assoc(), and some stuff in the &#8220;PHP.ini&#8221; file. Also, the PHP basename() function, and much more. I&#8217;ve been learning quite a bit with each of these projects, although they do probably look like pretty small steps, or even non-projects.<\/p>\n\n\n\n<p>\u00af\\_(\u30c4)_\/\u00af<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Link Estimated date of creation:&nbsp;May 16th, 2025 Status:&nbsp;Online \ud83d\udfe2 I still don&#8217;t fully trust the internet. In this journey of learning full-stack and back-end development, I&#8217;ve been thinking a lot about how not to get my site blown up. I go through a VPS host, and don&#8217;t want their computer to get compromised, don&#8217;t want [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-69","post","type-post","status-publish","format-standard","hentry","category-code-projects"],"_links":{"self":[{"href":"https:\/\/gurencodes.com\/blog\/wordpress\/index.php\/wp-json\/wp\/v2\/posts\/69","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/gurencodes.com\/blog\/wordpress\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/gurencodes.com\/blog\/wordpress\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/gurencodes.com\/blog\/wordpress\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/gurencodes.com\/blog\/wordpress\/index.php\/wp-json\/wp\/v2\/comments?post=69"}],"version-history":[{"count":2,"href":"https:\/\/gurencodes.com\/blog\/wordpress\/index.php\/wp-json\/wp\/v2\/posts\/69\/revisions"}],"predecessor-version":[{"id":87,"href":"https:\/\/gurencodes.com\/blog\/wordpress\/index.php\/wp-json\/wp\/v2\/posts\/69\/revisions\/87"}],"wp:attachment":[{"href":"https:\/\/gurencodes.com\/blog\/wordpress\/index.php\/wp-json\/wp\/v2\/media?parent=69"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/gurencodes.com\/blog\/wordpress\/index.php\/wp-json\/wp\/v2\/categories?post=69"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/gurencodes.com\/blog\/wordpress\/index.php\/wp-json\/wp\/v2\/tags?post=69"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}