I am creating a single user secure login based on this:
http://www.phpnoise.com/tutorials/26/1
Can anyone see any potential security issues with this method? Where should
I store the password/username can I just have it located in the pagehead?
R.
Ross:
Yes, as Stut pointed out, the example above is problematic.
What kind of secure log-in are you wanting?
[1] http://sperling.com/a/pw/index.php
[2] http://sperling.com/a/users/index.php
In [1] the password and user id are "test". The user id and password
are stored in the header of the script, but they could be included in
an php configuration script. I think that method is secure.
In [2] the password is emailed to you AND your user id and password
are stored in a MySQL.
Cheers,
tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
