List:General Discussion« Previous MessageNext Message »
From:Sasha Pachev Date:May 16 1999 8:47pm
Subject:Re: PHP Tracking of Variables (was) Per User Password Administration
View as plain text  
Van wrote:
> 
> Well, I've gotten through the authentication mechanics, and, although
> Monty and several others posted some simple but usefull techniques to
> create user authentication for a Web-Enabled time sheet application, I
> decided to create a separate database and table for the users, for
> several reasons.  Most important was to keep the mysql user tables out
> of harms way.
> Problem I'm having is variables getting set but, not staying alive after
> authentication is successful.  This may be a little off topic, but, if
> anyone knows a way to keep user-defined variables alive while going from
> page to page, I could sure use a tip.  If anyone's interested, I could
> send source code for the authentication scheme.
> Regards,
> Van
> --

Does PHP have support for cookies? If not, or do you not want cookie
warnings to be seen by the cookie-paranoid just use a hidden input in
the form. If you want to be really "bullet-proof" (well, nothing is
really bullet-proof) secure, you should not trust the value of the
cookie/hidden input but always authenticate it againt some
authentication schema. 

-- 
Sasha Pachev
http://www.sashanet.com
Thread
Per User Password AdministrationVan13 May
  • Per User Password AdministrationMichael Widenius13 May
  • Re: Per User Password AdministrationChristian Mack14 May
  • PHP Tracking of Variables (was) Per User Password AdministrationVan16 May
  • Re: PHP Tracking of Variables (was) Per User Password Administration (Never Mind)Van16 May
  • Re: PHP Tracking of Variables (was) Per User Password AdministrationSasha Pachev17 May
    • Re: PHP Tracking of Variables (was) Per User PasswordAdministrationShafir17 May
  • Re: PHP Tracking of Variables (was) Per User Password AdministrationVan17 May
  • Re: PHP Tracking of Variables (was) Per User PasswordAdministrationVan17 May
  • Re: PHP Tracking of Variables (was) Per User Password AdministrationSasha Pachev17 May
  • Parsing of Mail files into a DatabaseVan18 May
    • Parsing of Mail files into a DatabaseMichael Widenius22 May
    • Parsing of Mail files into a DatabaseMichael Widenius22 May
  • Now, How to sed on Perl Vars?Van18 May
    • Re: Now, How to sed on Perl Vars?Thimble Smith18 May
  • Re: Now, How to sed on Perl Vars?Van19 May
Re: Parsing of Mail files into a DatabaseVan18 May
  • Re: Parsing of Mail files into a DatabaseDaniel E. White18 May
Re: Parsing of Mail files into a DatabaseVan18 May
  • Re: Parsing of Mail files into a DatabaseDaniel E. White18 May
Re: Parsing of Mail files into a DatabaseVan18 May