PHP & security: .htaccess or PHP sessions?
Posted: Wed Jun 25, 2003 5:15 am
Hi,
I want to use PHP to manage restricted access pages. They have to be of course 99,9% safe.
First, I want to use a MySQL database to manage groups/members
I know two methods: .htaccess and sessions.
I think using sessions is better because you can integrate the login screen in a page and you're not dependent on the .htaccess files.
But is is a PHP Session variable together with safe enough (read: as safe as .htaccess)?
Please share any thoughts you have on this issue.
Regards,
Hessel
[/i]
I want to use PHP to manage restricted access pages. They have to be of course 99,9% safe.
First, I want to use a MySQL database to manage groups/members
I know two methods: .htaccess and sessions.
I think using sessions is better because you can integrate the login screen in a page and you're not dependent on the .htaccess files.
But is is a PHP Session variable
Code: Select all
$login = "ok";Code: Select all
if ($login == "ok") dispay_page();Please share any thoughts you have on this issue.
Regards,
Hessel
[/i]