dcsimg
www.webdeveloper.com
Results 1 to 5 of 5

Thread: Authentication Question

  1. #1
    Join Date
    Oct 2004
    Location
    WI
    Posts
    2

    Question Authentication Question

    I am just starting out with PHP programming. I have been programming for over 20 years in other languages.

    I have been searching the internet for information about authentication including here. There are many places with information, but I don't think all of the information is secure.

    I have an application on a website that is currently used by only 2 people. I want to add a few more people, and I won't be giving them as much access. The current application puts the password in the URL which isn't very secure. So I need to write a much more secure program. I'm planning on using MySQL to store the user data.

    Is there a site with info that would be easy to merge with what I have without rewriting the whole thing?

  2. #2
    Join Date
    Jul 2003
    Location
    Wales
    Posts
    1,382
    Like you said the best bet is to use SQL to store the data, check the user login information against the data in the SQL database and I'd then suggest you use a session to keep the user loged in.

    RyanJ

  3. #3
    Join Date
    Dec 2002
    Location
    High on life
    Posts
    10,104
    If the password is in the URL, you are probably using the GET method. Try POST, which won't display the form variables in the URL.

  4. #4
    Join Date
    Oct 2004
    Location
    WI
    Posts
    2

    Question

    Actually, the code I inherited starts out with just a list which are URLs. There is no form on the first page.

    My problem is NOT with the HTML, but with the PHP to do session processing of logins.

    I've seen examples using $PHP_AUTH_USER and $PHP_AUTH_PW as well as sessions. What is the right way to do it most securely? And I also need a reference to a site which has examples of the right way to process multiple pages which need to be secure.

  5. #5
    Join Date
    Jul 2003
    Location
    Wales
    Posts
    1,382
    Well... If your interested in security have a read of this thread:

    http://forums.devshed.com/t20525/s.html


    RyanJ

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles