How does one SAFELY secure the administration part with a username and password?
I have a site where usernames and passwords are stored in a MySql database and I'm looking for the "best" way to secure the pages that only the siteusers should have access to.
Secure login
Moderator: General Moderators
-
laserlight
- Forum Commoner
- Posts: 28
- Joined: Wed Jan 01, 2003 6:41 am
The site a...
The site I'm making is just a "educational" site for guitar freaks. I'm making a community which allows them to exchange tips and music sheets.
Therefor using SSL is a bit extreme, but to me personally the security of the community members profile data is a must!
I'm not specially happy with cookies, so that leaves me with the option to create a file that checks for logon and include it in every php file that is a part of the administration(how should this file be done?).
This seems to me to be a good idea, but if there are other solutions I would be glad to hear them.
Therefor using SSL is a bit extreme, but to me personally the security of the community members profile data is a must!
I'm not specially happy with cookies, so that leaves me with the option to create a file that checks for logon and include it in every php file that is a part of the administration(how should this file be done?).
This seems to me to be a good idea, but if there are other solutions I would be glad to hear them.
when you are making an new account for some one make sure you encrypt it, because when somebody can enter the database he will have all the logins and passwords. so make sure you use MD5 to encrypt.
The password will be the same, but in the database it generates a strange string that is not the same as the password.
Look for more information on php.net/md5
The password will be the same, but in the database it generates a strange string that is not the same as the password.
Look for more information on php.net/md5