Hi Tom, I've got a question for you regarding this encrypt class of yours.. Just wanted to understand how well it would work against a guy with a sniffer such as ethereal. (presuming he's on the LAN/wifi to access the app)
How does the encryption happen?? Client side or server side? How does it get transmitted? I'm curious as to how to prevent ppl from sniffing out the username/pass combo for these sort of sites that need memberships. In some instances.. I can see the user/pass combo being passed in plain text eg : user=someuser&pass=somepass&id=232&...... or in hashed form eg :eg : user=someuser&pass=*(^&$&[EMAIL PROTECTED]&(J83&%#396asjjuwo273314koopu83jskl&id=232&..... . How does the hash happen??? <snip> Save it in encrypt_class.inc <? class encrypt_class{ var $secret; function encrypt_class(){ $this->secret = 'you should change this to something else'; } </snip> -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php