Hi Tom,
I've got a question for you regarding this encrypt class of yours.. Just
wanted to understand how well it would work against a guy with a sniffer
such as ethereal. (presuming he's on the LAN/wifi to access the app)
How does the encryption happen?? Client side or server side? How does it get
transmitted? I'm curious as to how to prevent ppl from sniffing out the
username/pass combo for these sort of sites that need memberships.
In some instances.. I can see the user/pass combo being passed in plain text
eg : user=someuser&pass=somepass&id=232&......
or in hashed form
eg :eg :
user=someuser&pass=*(^&$&[EMAIL
PROTECTED]&(J83&%#396asjjuwo273314koopu83jskl&id=232&.....
.
How does the hash happen???
<snip>
Save it in encrypt_class.inc
<?
class encrypt_class{
var $secret;
function encrypt_class(){
$this->secret = 'you should change this to something else';
}
</snip>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
