DanielWhite Posted April 5, 2008 Share Posted April 5, 2008 Am I right to say the the 'bin' folder is private? I am looking for a way to make mysql connection A LOT lighter. So I was wondering, if the following would work and be secure: User fills in login form. Form gets submitted. PHP connects to MySQL database. If all is good, a cookie with the username and password (MD4/MD5/SHA-1) in is created. A file is created in the 'bin' folder with user details inside from the MySQL db called $username$password.php Then on my pages I can use the cookie to import the exact user file and therefore load up there user information if needed. Any problems with this idea? Thank you, Daniel White Quote Link to comment Share on other sites More sharing options...
dbldee Posted April 5, 2008 Share Posted April 5, 2008 To where is your form data submitted ? Quote Link to comment Share on other sites More sharing options...
DanielWhite Posted April 5, 2008 Author Share Posted April 5, 2008 To where is your form data submitted ? Well it's just a typical login form. Submitted to the PHP page. Quote Link to comment Share on other sites More sharing options...
DanielWhite Posted April 6, 2008 Author Share Posted April 6, 2008 *Bump* Quote Link to comment Share on other sites More sharing options...
DanielWhite Posted April 6, 2008 Author Share Posted April 6, 2008 *Bump* Quote Link to comment Share on other sites More sharing options...
hitman6003 Posted April 6, 2008 Share Posted April 6, 2008 Why not just use session variables to store user data? Quote Link to comment Share on other sites More sharing options...
DanielWhite Posted April 7, 2008 Author Share Posted April 7, 2008 Well wouldn't they get deleted when the session ends? Quote Link to comment Share on other sites More sharing options...
trq Posted April 7, 2008 Share Posted April 7, 2008 Any problems with this idea? No real problems with it, seems quite pointless however. Quote Link to comment Share on other sites More sharing options...
cooldude832 Posted April 7, 2008 Share Posted April 7, 2008 Well wouldn't they get deleted when the session ends? you don't need to store passwords in the cookie you need the basic relevant user data that will be carried from page A->B for the user in your session/user i.e (userid, username) as for being deleted yes it gets deleted periodically after their "session" dies, but that isn't a big deal in my opinion. storing a concurrent file for each user would be ever worse then recreating files Quote Link to comment Share on other sites More sharing options...
DanielWhite Posted April 7, 2008 Author Share Posted April 7, 2008 Any problems with this idea? No real problems with it, seems quite pointless however. Not pointless. My host just does not allow very many MySQL connections and when the limit is reached (A lot of the time) I get a horrible ERROR page. So by doing this that error page shouldn't come up. Quote Link to comment Share on other sites More sharing options...
cooldude832 Posted April 7, 2008 Share Posted April 7, 2008 if your site is that good maybe you should get a "good" host Quote Link to comment Share on other sites More sharing options...
DanielWhite Posted April 7, 2008 Author Share Posted April 7, 2008 if your site is that good maybe you should get a "good" host Very true, but that £$£$ is the issue there. Thanks for the help though everybody Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.