I have found the mod_auth_pgsql module to be the easiest way to
implement this function. Does anyone know if it takes the points
mentioned below into consideration?
Stephan
-----Original Message-----
From: Vince Vielhaber [mailto:vev@michvhf.com]
Sent: Wednesday, 26 December 2001 2:25 PM
To: Andrew McMillan
Cc: Stephan Borg; pgsql-php@postgresql.org
Subject: Re: [PHP] WWW-Authentication and Postgresql
<snip>
A couple of quick gotchas. 1) make sure you filter out all unwanted
characters so someone can't execute sql calls inside of a username or
password. 2) On failure make sure you send a 401 to the browser just
like you do initially when asking for the password to clear out the old
one - you can also use this to handle logouts.
Vince.
--
========================================================================
==
Vince Vielhaber -- KA8CSH email: vev@michvhf.com
http://www.pop4.net
56K Nationwide Dialup from $16.00/mo at Pop4 Networking
Online Campground Directory http://www.camping-usa.com
Online Giftshop Superstore http://www.cloudninegifts.com
========================================================================
==
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
