Printer-friendly copy Email this topic to a friend
Lobby High-Tech topic #162126

Subject: "School Me on Secure Login (PHP, of course)" Previous topic | Next topic
alexthezombie
Member since Jan 18th 2004
2950 posts 		Wed Aug-27-08 06:35 AM

Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
"School Me on Secure Login (PHP, of course)"
Wed Aug-27-08 06:37 AM by alexthezombie

  

          

Okay so I'm trying to make my login script a tad more secure then just setting cookies and calling it a day.

I've been looking at using SESSIONS (the way I should have been doing it from the beginning), but I'm unclear on the difference between SESSIONs and COOKIEs as far as security.

Also, I mean, should my script just poll the database for an entry with a matching email, check the password and then set the session values??

Oh and as for storing password... MD5 encryption the way to go?

  
Printer-friendly copy | Reply | Reply with quote


School Me on Secure Login (PHP, of course) [View all] , alexthezombie, Wed Aug-27-08 06:35 AM
 
Subject Author Message Date ID
RE: School Me on Secure Login (PHP, of course)
Aug 27th 2008
1
I think generally you assign the user a session ID when they login
Aug 27th 2008
2
fam you need to just buy a good book on php...
Aug 27th 2008
3
Maybe
Aug 27th 2008
9
      I understand...
Aug 27th 2008
10
Is this a secure method?
Aug 27th 2008
4
see #3
Aug 27th 2008
5
make a database call once. then load the result into the...
Aug 27th 2008
6
oh, and md5(sha1($pass)) is less secure than something like...
Aug 27th 2008
7
      ooooo, I like that
Aug 27th 2008
8
HELP!
Sep 08th 2008
11
call session_start(). And buy a book on php.
Sep 08th 2008
12
      I'm not THAT stupid
Sep 08th 2008
13

Lobby High-Tech topic #162126 Previous topic | Next topic
   

Powered by DCForum+ Version 1.25
Copyright © DCScripts.com