You are here: Re: [PHP] Storing password in cookie « PHP « IT news, forums, messages
Re: [PHP] Storing password in cookie

Posted by D. Wokan on 04/13/05 04:09

Richard Lynch wrote:
> On Sat, April 9, 2005 11:51 am, trlists@clayst.com said:
> *WHY* would you not store some kind of hash of the user ID?!
> setcookie('remember_me', md5($username));
> .
> .
> .
> select username from users where md5(username) = $_SESSION['remember_me']
> Is that really any harder?

It's very hard on the database. With no other where clauses to restrict
the results set, the database will have to run the md5 routines on every
username in the table.

For better performance, you should also store something like a record id
that you can use...

select username from users where recid = $_SESSION['userid'] and
md5(username) = $_SESSION['remember_me']

Any query optimizer worth its salt will first filter based on the record
ID and then only apply the md5 function to the remaining (1 in this
case) usernames.
--
D. Wokan

 

Navigation:

[Reply to this message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация