forumnz Posted April 24, 2009 Share Posted April 24, 2009 Can anyone provide a link to some info, or write here the theory behind a very secure authentication system in PHP using MySQL? Thanks, Sam. Link to comment https://forums.phpfreaks.com/topic/155458-theory-behind-a-very-secure-authentication-system/ Share on other sites More sharing options...
alphanumetrix Posted April 24, 2009 Share Posted April 24, 2009 I'll tell you the basics: never trust data from users, so always filter. It's considered tainted data. As far as the authentication goes IE: sessions/cookies. Make sure they can't be easily hijacked. IE: if you were allowing admins access by recognizing $_COOKIE['admin'] == 'admin' - then it could easily be hijacked via the URL using javascript: javascript:document.cookie='admin=admin'; Hope that helps some. Link to comment https://forums.phpfreaks.com/topic/155458-theory-behind-a-very-secure-authentication-system/#findComment-818045 Share on other sites More sharing options...
mikesta707 Posted April 24, 2009 Share Posted April 24, 2009 SQL injection prevention tutorial. I assume this is around what you want http://www.tizag.com/mysqlTutorial/mysql-php-sql-injection.php this is also a good guide that shows how to make a secure login script (both php4 and php5) http://www.phpeasystep.com/workshopview.php?id=6 Link to comment https://forums.phpfreaks.com/topic/155458-theory-behind-a-very-secure-authentication-system/#findComment-818049 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.