Hi
I've been asked to setup a website where users can setup their own account and have their own profile i need this to be a secure area.
Can someone pls give me some information on the best practises to do this.
Do i need to use a ssl certificate?
Any tutorial links would be good anything just somewhere to start.
Thanks
Secure pages
Moderator: General Moderators
- Christopher
- Site Administrator
- Posts: 13596
- Joined: Wed Aug 25, 2004 7:54 pm
- Location: New York, NY, US
Re: Secure pages
You can do this simply with HTTP Authentication where the webserver will password protect a directory. Or you can implement a login page for Authentication and have Access Control on the pages you want to be "secure."gum1982 wrote:I've been asked to setup a website where users can setup their own account and have their own profile i need this to be a secure area.
Can someone pls give me some information on the best practises to do this.
Only if you want all information sent between the user and webserver to be encrypted. If by "secure" you only mean controlled access then you do not need SSL.gum1982 wrote:Do i need to use a ssl certificate?
(#10850)
Re: Secure pages
You may also want to read:Forum Rules wrote: 11. Please use proper, complete spelling when posting in the forums. AOL Speak, leet speak and other abbreviated wording can confuse those that are trying to help you (or those that you are trying to help). Please keep in mind that there are many people from many countries that use our forums to read, post and learn. They do not always speak English as well as some of us, nor do they know these aberrant abbreviations. Therefore, use as few abbreviations as possible, especially when using such simple words.
- kaisellgren
- DevNet Resident
- Posts: 1675
- Joined: Sat Jan 07, 2006 5:52 am
- Location: Lahti, Finland.
Re: Secure pages
HTTP Authentication is simple and easy, but if you want flexibility, you can build a login and a membership system with PHP. PHP comes with a build-in extension called Session. I think you already know this. Have you tried googling? http://lmgtfy.com/?q=php+login+script+session
The bad thing about PHP login scripts is that they are often vulnerable to different kinds of attacks. So, if you decide to take this route, don't hesitate to ask us to evaluate your finished script.
The bad thing about PHP login scripts is that they are often vulnerable to different kinds of attacks. So, if you decide to take this route, don't hesitate to ask us to evaluate your finished script.
Re: Secure pages
Ok thanks for the feedback guys i will be working on a script which hopefully you guys can look over.