Well you wouldn't reley on the js to stop people submitting invaild letters.. like a said it would be a useablilty thing.Some browsers don't have JS enabled, and you can also use inspect element to get around JS disabling the submit button. Again, preference. Both work, just in different ways.
If you don't want to investigate this stuff use bcrypt. And if you do want to investigate this stuff you'll find out that bcrypt is the way to go anyway. Both MD5 and SHA are completely deprecated for hashing passwords. They're too easy to brute-force. Bcrypt is developed with this in mind and is also future-proof.Well guys about hashes.It is impossible to make a totally secure system.As I dont store too sensitive data about user I will use SHA512
I don't think there is any reasonable reason to restrict characters in password, just use normal method of interaction with database (for example PDO) and don't execute person input ever. It is a pain for users of password managing programs to change rules of password generation. Also don't use md5 for password storage, use crypt() function with CRYPT_SHA256/512 or CRYPT_BLOWFISH with appropriate number of rounds and use openssl for salt in case database gets leaked (due to for example SQL injection).
So this is a repost of my last thread because someone abused the admin and published not allowed content so now I am happy for the warning
But for those who didn't seen my last thread(Think a lot didn't).This is a blog like CMS thingy written by me in PHP/HTML.More simply a website.I will update this as often as I can but I'm just a student ,I have schools so I can't do this all the time.I spent a whole weekend on the v0.2 but finally is done
How to install: