|
Posted by Emil Novak on 10/10/05 23:03
Oh, just username... That's good idea.
Emil NOVAK
LAMP Developer
On 10/10/05, Dan Brow <dan@fullmotions.com> wrote:
> I was meaning just the username, not the password, still the same issue?
>
> On Mon, 2005-10-10 at 21:35 +0200, Emil Novak wrote:
> > Yet another unsafe way... You can try to write a program that reads
> > stored cookies in Temporary Internet Files - it's peace of cake for
> > somebody that is advanced programmer. The best way is to "eliminate"
> > lazy users - you simply do not implement "auto login". It's the
> > fastest, safest and the easiest way to solve the problem.
> >
> > Emil NOVAK
> > LAMP Developer
> >
> > On 10/10/05, Dan Brow <dan@fullmotions.com> wrote:
> > > Well, um. ya. Back to the drawing board. Save it in a cookie?
> > >
> > > On Mon, 2005-10-10 at 14:59 -0400, Kilbride, James wrote:
> > > > If the session expired.. how will session hold their user id??
> > > >
> > > > > -----Original Message-----
> > > > > From: Dan Brow [mailto:dan@fullmotions.com]
> > > > > Sent: Monday, October 10, 2005 3:05 PM
> > > > > To: PHP-Users
> > > > > Subject: Re: [PHP] storing passwords in $_SESSION
> > > > >
> > > > > Thanks, figured that would be the case. Can't for life of me
> > > > > think why I wanted to do that, must have had a brain
> > > > > infarction. I want to have an expired session prompt so
> > > > > people can log back in with out having to start at the login
> > > > > page. Would having the users login saved in $_SESSION be
> > > > > alright? prompt them for their password and compare it with
> > > > > the password in the DB be fine? I want to reduce the amount
> > > > > of typing someone has to do when a session expires.
> > > > >
> > > > > Thanks.
> > > > >
> > > > > --
> > > > > PHP General Mailing List (http://www.php.net/) To
> > > > > unsubscribe, visit: http://www.php.net/unsub.php
> > > > >
> > > > >
> > >
> > > --
> > > PHP General Mailing List (http://www.php.net/)
> > > To unsubscribe, visit: http://www.php.net/unsub.php
> > >
> > >
> >
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
Emil NOVAK, razvijalec distribucije Slonix
[Back to original message]
|