08-25-2010, 02:51 AM
How exactly should login data be handled other than mysql_escape_string, what parts need to be cookied stored, etc?
[PHP] Secure Logins?
|
08-25-2010, 02:51 AM
How exactly should login data be handled other than mysql_escape_string, what parts need to be cookied stored, etc?
08-25-2010, 06:13 AM
It really depends on the script. It it's a forum, then it's something, if it's an user panel, it's another thing.
08-26-2010, 09:44 AM
store the username and some sort of session key that expires every X minutes and only works if the current ip matches last login ip.
08-26-2010, 01:49 PM
(08-26-2010, 09:44 AM)Iarkey Wrote: store the username and some sort of session key that expires every X minutes and only works if the current ip matches last login ip. Use a cookie. in the log in block put this PHP Code: $x = 3600; // time to expire you can check if they match by doing this PHP Code: if($_COOKIE['IP'] == $_SERVER['REMOTE_ADDR']){
08-26-2010, 03:24 PM
(08-26-2010, 01:49 PM)Proof Wrote: Use a cookie.Then someone can just steal the cookie D:
08-26-2010, 03:52 PM
08-26-2010, 04:15 PM
08-26-2010, 05:30 PM
08-26-2010, 06:22 PM
|
« Next Oldest | Next Newest »
|
Possibly Related Threads… | |||||
Thread | Author | Replies | Views | Last Post | |
PHP Framework List: An Ultimate Guide to 102 PHP Frameworks for Web Developers | tk-hassan | 0 | 943 |
07-27-2020, 11:26 PM Last Post: tk-hassan |
|
PHP Video Tutorials (PHP For Beginners) | Eleqtriq | 4 | 3,671 |
10-10-2011, 01:00 PM Last Post: Greyersting |