Jump to content

Search the Community

Showing results for tags 'dynamic user interface'.

  • Search By Tags

    Type tags separated by commas.

  • Search By Author

Content Type


Forums

  • Welcome to PHP Freaks
    • Announcements
    • Introductions
  • PHP Coding
    • PHP Coding Help
    • Regex Help
    • Third Party Scripts
    • FAQ/Code Snippet Repository
  • SQL / Database
    • MySQL Help
    • PostgreSQL
    • Microsoft SQL - MSSQL
    • Other RDBMS and SQL dialects
  • Client Side
    • HTML Help
    • CSS Help
    • Javascript Help
    • Other
  • Applications and Frameworks
    • Applications
    • Frameworks
    • Other Libraries
  • Web Server Administration
    • PHP Installation and Configuration
    • Linux
    • Apache HTTP Server
    • Microsoft IIS
    • Other Web Server Software
  • Other
    • Application Design
    • Other Programming Languages
    • Editor Help (PhpStorm, VS Code, etc)
    • Website Critique
    • Beta Test Your Stuff!
  • Freelance, Contracts, Employment, etc.
    • Services Offered
    • Job Offerings
  • General Discussion
    • PHPFreaks.com Website Feedback
    • Miscellaneous

Find results in...

Find results that contain...


Date Created

  • Start

    End

Last Updated

  • Start

    End

Filter by number of...

Joined

  • Start

    End

Group

AIM

MSN

Website URL

ICQ

Yahoo

Jabber

Skype

Location

Interests

Age

Donation Link

Found 1 result

  1. jdlev
    Hi guys, Had a few questions. First off, my gear. Using CS5.5 for development with server 2003 iis6.0. What I'm developing is pretty straight forward, and has the following features: 1) Secure form people use to register company info & user info. 2) Once logged in, users will be able to post/update/edit/delete information about funerals to a universal funeral info database. 3) There will be two types of user accounts. An admin that can see all funeral information from all funeral homes, and then funeral home accounts that will only be able to see their individual account data. That's it...so I had a few questions... 1) I've been able to create a registration form pretty easily, and it posts to my database no problem. Only one issue that I can see right now. The password column shows the actual password...no encryption. Is there an easy way to encrypt the passwords that won't harm a user's ability to access their individual account? 2) I'm using dreamweaver's user authentication to allow access to restricted areas within the web site. When a person log's in, it verify's their information by checking their username/pwd. Then it further restricts a persons ability to view everything by fetching an access level associated with each user. I was able to echo and print the access level variable, which correlates to the user's account number. I want to use this information in a dynamic page that lists all records (funerals) associated with that account number. I can do that easily enough, but is PHP secure enough to prevent someone from logging in with a username & password and simply changing the account number (aka access level), and then running amuck with the funeral listings? Is that what's called an SQL injection attack? 3) I suppose I could add some more security, but not sure if it would help? What if instead of not just searching the account number for their funeral information, it matched their account number AND the name of the company when it pulled in information from the universal database? I want to make sure this is secure since we're dealing with funeral homes. It would take a sick #$#@ to screw with someone's funeral information, but I'd rather be safe than sorry. Thanks for any advice folks
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.