[PHP] Maintaining authentication credentials for session

[Troy Moreland]

I've read many docs on how to accept an ID and password throughout a session
but it's just over my head I guess!?

What I want to do is have someone login, verify that against LDAP directory.
If the authentication is accepted, hold the credentials until the user
either closes the browser or clicks on a logout link.

I'm relatively new to PHP so talk gently! :)  I am able to browse and modify
user entries using LDAP.  That part isn't a problem.  Integrating what I
have with a session is just hurting my head!

Thanks in advance for your help and time.

Please advise if I posted to wrong forum!

Troy Moreland



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

[PHP] Encrypt Password for Session

[Troy Moreland]

All,

I am currently using sessions to store a user's ID, password and current
login status.  All works fine.  The only issue is that the session file on
the server is storing the password in plain text.  How do I encrypt that
password and how to I decrypt it for comparing?

Thanks in advance!!

Troy Moreland



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Re: [PHP] Encrypt Password for Session

[Troy Moreland]

I fully understand what you are saying.  The problem is that I'm storing
their password so that they don't have to re-enter it on each new page
visited.  If I can't decrypt it, then I can't pass that password for the
user.  How do I keep passing the password then w/o having to write it to the
session.  Is that the right way to do it??

Thanks again!

Troy Moreland

""Ethan Schroeder"" <[EMAIL PROTECTED]> wrote in message
012f01c0deeb$684950d0$e46c28ce@biff">news:012f01c0deeb$684950d0$e46c28ce@biff...
> What I do is md5() encrypt the password and store it in the text file or
> database.  Md5 is a one way algorithm, though, so you can never decrpyt
the
> password.  What you do, is when you want to authenticate a user, you md5
> encrypt the text they typed in and compare that to the md5 hash in your
file
> or database or wherever.  If they match, you let them in.
>
> Ethan Schroeder
>
> - Original Message -
> From: "Troy Moreland" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Thursday, May 17, 2001 10:41 AM
> Subject: [PHP] Encrypt Password for Session
>
>
> > All,
> >
> > I am currently using sessions to store a user's ID, password and current
> > login status.  All works fine.  The only issue is that the session file
on
> > the server is storing the password in plain text.  How do I encrypt that
> > password and how to I decrypt it for comparing?
> >
> > Thanks in advance!!
> >
> > Troy Moreland
> >
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> > To contact the list administrators, e-mail: [EMAIL PROTECTED]
> >
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

[PHP] mcrypt for win32

[Troy Moreland]

Can anyone explain how to install the Win32 version of mcrypt? I've
downloaded the Win32 zip file and there are no docs on how to install.
Thanks.




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]