[PHP] Session over SSL
Will Session have problem when people browse from a http page to a https page and go out again? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] PHP authenticating and session management
o ic check the IP to prevent . But I have another Q . 1.) I see from www.php.net , people said they will generate a Session ID by themselves srand((double)microtime()*100); $unique_str = md5(rand(0,999)); why not to generate by ourself ? PHP will create itself . 2.) Will Session have problem when people browse from a http page to a https page and go out again? thx Christopher Ostmo [EMAIL PROTECTED] ¼¶¼g©ó¶l¥ó 3B337955.15490.27965520@localhost">news:3B337955.15490.27965520@localhost... Bass??? pressed the little lettered thingies in this order... I have a Q. will the Session ID be stolen by hacker when the ID tranfer bewteen client and server ? Then can the hacker send the ID to server and veiw the user's page ? Yes. That *can* happen to any non-encrypted transmission that passes over an untrusted network. It would be difficult to do, so it's unlikely, but it *can* happen. It would require a packet sniffer on your network, on the target network or somewhere between. If you want to prevent this, you should match session ID with requesting IP addresss, log both into a database and check both for each page request. If the data being accessed is *that* important that a hacker would go through that much trouble to hijack a session, you probably should consider using SSL. Christopher Ostmo a.k.a. [EMAIL PROTECTED] AppIdeas.com Meeting cutting edge dynamic web site needs For a good time, http://www.AppIdeas.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] How to manage login ???
Hi I have a question . At some website which have webmail serivce , they won't use SSL for login . Then how can they protect clinet's information and email ?? they use sessions when login in ?? use sessions is secure ?? Is there another security method in PHP ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] How to select rows from Mysql with case senstive ??
Hi , By defualt , select rows from Mysql is case insenstive . For exmaple , select * from foo where name = 'PHP' select * from foo where name = 'php' is the same how can i do a queny which select * from foo where name = 'PHP' is success but select * from foo where name = 'php' fail ?? given that name = 'PHP' in the database thx -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] How to check aBc different from abc ?
thx ^_^ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] How to send e-mail using PHP with the sender's address is my company's e-mail ??
Hi , My copmany have a website and is hosted on a web server of some web hosting company . I want to use PHP to send e-mail on that server . I use $result = mail("[EMAIL PROTECTED]" , "E-mail Test" , "this e-mail is sent by php") ; to do it . But when I receive the e-mail , the SENDER 's address is the server's domain name ! such as '[EMAIL PROTECTED]' It's a large problem if I send a e-mail to my clients with this cos they won't know who send the e-mail !! how can I send a e-mail with the sender's address is my company's e-mail ??? for exmaple ' [EMAIL PROTECTED] '?? THX A LOT -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]