jjk2

isn't taht risky? shouldn't the transferring process be encrypted ? what are some free encryptions you can use ?

i probably do not know an option to do what clipperz does....

http://www.phpfreaks.com/forums/index.php/topic,199190.0.html this thread says otherwise....

https://www.clipperz.com/beta/ it logs you in to your websites. for example, clicking direct link, with your stored password and id. it will log you in to the specified site such as Gmail, yahoo, and so on.

well great success i am able to login to some sites using curl running on my webserver. http://myserver.com/curl.php the script logs me in fine and loads the index.php however going to http://theactualsite.com/index.php, i discovered i am not logged in ? is there a way to transfer the cookie generated with curl.php to the user so that he can go to actual site and find himself logged in ?

prismatic, i know what you mean. but my question was specific towards hashed data, as to whether a determined individual could decode it and extract passwords, and other sensitive informations in the db.

thank you haku, that was the explanation i was looking for.

what is the safest way to encrypt/hash the datas on the mysql table why dont everyone decide to encrypt the information on tables, such as ip, username, password, and so on? if a hacker were to hack ing steal the table information, would he be able to read the contents of the mysql table data ? (all username, passwords are encrypted format so all he sees is 234jhl2k3as8979234) thank you!

for example using lighthttpheader extension in firefox i am able to aquire the POST url remember=1&from=%2F&username=NAME&password=SECRET&submit=Login my question is, how can i make php script produce the same encoded POST url ? the problem is, reading the name="" fields of a login page does not suffice....there are always some secret hidden names....in this case from= cannot be found in source code. the php script must be able to capture the encoded POST url when the user clicks on the button.....but im guessing this would require some client program.....

is it possible to do this without client-side scripting? solely rely on server-side ?

as you know the fantastic tool liveHTTPheader for Firefox. i was wondering if I could implement same sort of monitoring in php ? perhaps using apache_request_headers() ? what i'd like to do is acquire the HTTP Header info sent out and received when say a user clicks on a login button or something like that. also, how safe is hashed mysql tables? do the select hashed fields become undecodable to a potential hacker?