Reply to Re: [PHP] storing passwords in $_SESSION

Your name:

Reply:


Posted by Emil Novak on 10/10/05 23:03

Oh, just username... That's good idea.

Emil NOVAK
LAMP Developer

On 10/10/05, Dan Brow <dan@fullmotions.com> wrote:
> I was meaning just the username, not the password, still the same issue?
>
> On Mon, 2005-10-10 at 21:35 +0200, Emil Novak wrote:
> > Yet another unsafe way... You can try to write a program that reads
> > stored cookies in Temporary Internet Files - it's peace of cake for
> > somebody that is advanced programmer. The best way is to "eliminate"
> > lazy users - you simply do not implement "auto login". It's the
> > fastest, safest and the easiest way to solve the problem.
> >
> > Emil NOVAK
> > LAMP Developer
> >
> > On 10/10/05, Dan Brow <dan@fullmotions.com> wrote:
> > > Well, um. ya. Back to the drawing board. Save it in a cookie?
> > >
> > > On Mon, 2005-10-10 at 14:59 -0400, Kilbride, James wrote:
> > > > If the session expired.. how will session hold their user id??
> > > >
> > > > > -----Original Message-----
> > > > > From: Dan Brow [mailto:dan@fullmotions.com]
> > > > > Sent: Monday, October 10, 2005 3:05 PM
> > > > > To: PHP-Users
> > > > > Subject: Re: [PHP] storing passwords in $_SESSION
> > > > >
> > > > > Thanks, figured that would be the case. Can't for life of me
> > > > > think why I wanted to do that, must have had a brain
> > > > > infarction. I want to have an expired session prompt so
> > > > > people can log back in with out having to start at the login
> > > > > page. Would having the users login saved in $_SESSION be
> > > > > alright? prompt them for their password and compare it with
> > > > > the password in the DB be fine? I want to reduce the amount
> > > > > of typing someone has to do when a session expires.
> > > > >
> > > > > Thanks.
> > > > >
> > > > > --
> > > > > PHP General Mailing List (http://www.php.net/) To
> > > > > unsubscribe, visit: http://www.php.net/unsub.php
> > > > >
> > > > >
> > >
> > > --
> > > PHP General Mailing List (http://www.php.net/)
> > > To unsubscribe, visit: http://www.php.net/unsub.php
> > >
> > >
> >
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>


--
Emil NOVAK, razvijalec distribucije Slonix

[Back to original message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация