forumnz Posted April 24, 2009 Share Posted April 24, 2009 Can anyone provide a link to some info, or write here the theory behind a very secure authentication system in PHP using MySQL? Thanks, Sam. Quote Link to comment Share on other sites More sharing options...
alphanumetrix Posted April 24, 2009 Share Posted April 24, 2009 I'll tell you the basics: never trust data from users, so always filter. It's considered tainted data. As far as the authentication goes IE: sessions/cookies. Make sure they can't be easily hijacked. IE: if you were allowing admins access by recognizing $_COOKIE['admin'] == 'admin' - then it could easily be hijacked via the URL using javascript: javascript:document.cookie='admin=admin'; Hope that helps some. Quote Link to comment Share on other sites More sharing options...
mikesta707 Posted April 24, 2009 Share Posted April 24, 2009 SQL injection prevention tutorial. I assume this is around what you want http://www.tizag.com/mysqlTutorial/mysql-php-sql-injection.php this is also a good guide that shows how to make a secure login script (both php4 and php5) http://www.phpeasystep.com/workshopview.php?id=6 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.