Hey folks -
While contemplating the design of a secure web database, an idea struck me.
I'm thinking of submitting it as a feature request, so please critique it.
I'm having php handle user logon with it's .htaccess emulation. I'm storing
usernames and password hashes in a table. The problem is
While I understand the concern, it shouldn't be any easier for a hacker to
see the raw text of your PHP files than to get directly to your database
files. Neither is normally permitted by the web server. So if he somehow can
get in and get one, why not the other?
That said, if it makes you
2003 8 14 12:50Nils Valentin :
Hi Steven,
while the general idea sounds not to bad, I guess the bad guess would
I meant the bad guys - what a silly typo ;-)
just use a undecrypt function wich they either develop themself or get from
somewhere.
Best regards
Nils Valentin
Tokyo/Japan
Hi Steven,
while the general idea sounds not to bad, I guess the bad guess would just
use a undecrypt function wich they either develop themself or get from
somewhere.
Best regards
Nils Valentin
Tokyo/Japan
2003 8 14 03:07Lefevre, Steven :
Hey folks -
While contemplating the design of