| From: | "Martin A(dot) Marques" <martin(at)math(dot)unl(dot)edu(dot)ar> |
|---|---|
| To: | "Christian Marschalek" <cm(at)chello(dot)at>, "PostgreSQL [PHP]" <pgsql-php(at)postgresql(dot)org> |
| Subject: | Re: Re: Re: Secure pages |
| Date: | 2001-03-13 22:42:26 |
| Message-ID: | 01031319422609.24705@math.unl.edu.ar |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-php |
El Mar 13 Mar 2001 19:23, Christian Marschalek escribió:
> Why not ask for a password, encrypt it (with 128bit or something;), check
> it with the database (which has the encyrpted pwds) and pass the encrypted
> password from page to page...
>
> like: <a href="blah.php?encryptedpassword">
Horrible idea!! Even with an encrypted password. Use PHP sessions, and save
any info on the session (this is saved on a temp file on the server, and only
the session handle is passed to the browser).
--
System Administration: It's a dirty job,
but someone told I had to do it.
-----------------------------------------------------------------
Martín Marqués email: martin(at)math(dot)unl(dot)edu(dot)ar
Santa Fe - Argentina http://math.unl.edu.ar/~martin/
Administrador de sistemas en math.unl.edu.ar
-----------------------------------------------------------------
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Christian Marschalek | 2001-03-14 01:39:28 | RE: Re: Re: Secure pages |
| Previous Message | Chris | 2001-03-13 22:32:06 | RE: Re: Re: Secure pages |