Home > mailing lists

RE: Re: Re: Secure pages - Mailing list pgsql-php

From	Christian Marschalek
Subject	RE: Re: Re: Secure pages
Date	March 13, 2001 20:22:22
Msg-id	NEBBJIFEELNNHFCELNFJMEPOCAAA.cm@chello.at Whole thread Raw
In response to	Re: Re: Secure pages (Timothy_Maguire@hartehanks.com)
Responses	RE: Re: Re: Secure pages (Chris <csmith@squiz.net>) Re: Re: Re: Secure pages ("Martin A. Marques" <martin@math.unl.edu.ar>)
List	pgsql-php

Tree view

Why not ask for a password, encrypt it (with 128bit or something;), check it
with the database (which has the encyrpted pwds) and pass the encrypted
password from page to page...

like: <a href="blah.php?encryptedpassword">
or just a variable which is one indicating that the password was typed in
correctly at least once!

For the mater of direct accessing you could just check if the pwd (or the
var) was passed (is one) and if not -> well no access...

You could also use a cookie and check for it (with the encrypted pwd) but (I
don't know why) cookies seem preaty unsafe too me :o)

just my two cents;)

pgsql-php by date:

From: Timothy_Maguire@hartehanks.com
Date: 13 March 2001, 19:01:16
Subject: Re: Re: Secure pages

From: Grant
Date: 13 March 2001, 20:23:56
Subject: Re: Secure pages

RE: Re: Re: Secure pages - Mailing list pgsql-php

Previous

Next