Reply to Re: Secure login tutorial

Your name:

Reply:


Posted by Rafe Culpin on 01/05/07 13:27

In article <1168002079.875499.106460@v33g2000cwv.googlegroups.com>,
knalpiap@gmail.com (knal) wrote:

> Users, passes etc. would "have to be" in a MySQL DB, since i don't want
> to manually add every new member to a .htaccess file.

In that case one thing you *must* block is a "sql injection attack". If
you don't already know about this please google for it, there's a lot of
information out there.

Almost every example login script ignores it. It can give an attacker
complete control of your database, and in extreme cases the ability to run
arbitrary system commands.

--
To reply email rafe, at the address cix co uk

[Back to original message]
Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация