Reply to best way to handle user authentication, PHP vs. apache

Your name:

Reply:


Posted by Raymond Still on 01/29/05 22:32

Hello;
I'm trying to figure out the best (most secure and most
user friendly, security of primary importance) way to
let a user log-in.
I am setting up a web application (database
application) that will be for private use only and I
want to keep it secure.
As I understand it, using the Apache htaccess method is
secure as there is essentially no communication without
a username and password, but it does lack a little in
flexibility and presentation.
On the other hand, PHP certainly has the edge on
flexibility and presentation, but I have questions
regarding it's security. If you look at the threads
regarding connecting to databases, you often see a
warning to the effect of: store your connection
password etc, outside of the document path in case PHP
fails and your file is displayed unprocessed.
So my question is, how can you count on PHP to log
somebody in, and prevent access to files when PHP may
fail, or the user could just go into the directory
structure and bypass security.
TIA
Ray

[Back to original message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация