FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Digest Authentication
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Digest Authentication [message #179961 is a reply to message #179868] Sat, 22 December 2012 19:15 Go to previous messageGo to previous message
legalize+jeeves is currently offline  legalize+jeeves
Messages: 21
Registered: September 2010
Karma:
Junior Member
[Please do not mail me a copy of your followup]

Jerry Stuckle <jstucklex(at)attglobal(dot)net> spake the secret code
<kae95p$7m5$1(at)dont-email(dot)me> thusly:

> Additionally, I think a very low percentage of PHP sites use such
> authentication. Most have their own login page (using https protocol).
> Once the user logs in, the script sets the appropriate information in
> the $_SESSION array. Pages which require login just check for the
> necessary data in the $_SESSION array, and if incorrect, redirect the
> user to the login page. If the data are correct, the script just
> continues with what it's supposed to do.

I recently implemented this exact mechanism for an open source project.
Additionally, I would add that you shouldn't store cleartext passwords
in the database, but instead store a crytographic hash of the password
and compare hashes to authenticate. This means that if someone gets
ahold of your database, they still don't know cleartext passwords.

My implementation is located here: <http://manx.codeplex.com>
--
"The Direct3D Graphics Pipeline" free book <http://tinyurl.com/d3d-pipeline>
The Computer Graphics Museum <http://computergraphicsmuseum.org>
The Terminals Wiki <http://terminals.classiccmp.org>
Legalize Adulthood! (my blog) <http://legalizeadulthood.wordpress.com>
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Using echo to run separate PHP script from HTML
Next Topic: simple dating site
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Sat Nov 30 09:04:22 GMT 2024

Total time taken to generate the page: 0.04788 seconds