Posted by knal on 01/05/07 12:43

I'd like to keep out unwanted guests. Members that have registered
(stored in MySQL DB) are allowed to login with usern/passw.
Along with that an admin-level is stored wich tells the site how much
rights the user has.

I know i can manage the login via sessions, but i've read only sessions
isn't secure. (Users can even "manually" force their own Session id).
I don't really else know how to explain what i mean with "secure".

Thanks.


On Jan 5, 1:33 pm, Stefan Rybacki <stefan.ryba...@gmx.net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> knal schrieb:
>
> > Hi there,
>
> > I'm looking for a secure login script for a sort-of-community site...
> > (PHP, MySQL, sessions, or maybe something else ... )
> > I know there are a lot of scripts out there, but none of them really
> > seem secure, or have other kind of flaws (like IP based login etc.).Hi,
>
> What's your understanding of secure in this case?
>
> >...
>
> > Thanks a lot.Regards
> Stefan
>
> > Knal.-----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2.1 (MingW32)
>
> iD8DBQFFnkWGyeCLzp/JKjARArezAJwLX2nEhqJ04h7281UHY2UuffN4TwCdH3xL
> hXdROeUXauPS+htlXBNEUcs=
> =C5SZ
> -----END PGP SIGNATURE-----

[Back to original message]