You may want to check out PEAR::LiveUser
http://pear.php.net/package-info.php?pacid=126
http://projects.21st-hq.de/liveuser/
A very complete / multilevel authentication package.
Get the latest source from CVS as the source on pear
site is a bit outdated.
olinux
--- "Clarkson, Nick" <[EMAIL PROT
> I've searched the archives, bit it's not helping me much purely because it's
> not specific PHP code I'm after, but rather help with a login system design.
> So far I've got a PHP_AUTH based login which checks against a MySQL
> database, and if the user's details are correct it updates the databa
ld be
appreciated.
Thanks,
Nick
-Original Message-
From: Peter Hicks [mailto:[EMAIL PROTECTED]]
Sent: 18 February 2003 14:43
To: Clarkson, Nick
Cc: '[EMAIL PROTECTED]'
Subject: RE: [PHP] Help with authentication 'design'
Nick,
md5 is a hashing function, not an encry
Nick,
md5 is a hashing function, not an encryption function. You need anti-replay
if you want the password transfer to be secure
On Tue, 18 Feb 2003, Clarkson, Nick wrote:
> Would this pass both variables in clear text back to the server ? If so
> would it be better to do this;
>
> [cut]
>
> W
Would this then pass both variables after being hashed with md5 ? Am I
barking up the wrong tree ? Or just plain barking ;oD
Thanks,
Nick
> -Original Message-
> From: Clarkson, Nick
> Sent: 18 February 2003 14:36
> To: '[EMAIL PROTECTED]'
> Subject: [PHP] H
Hi,
I've searched the archives, bit it's not helping me much purely because it's
not specific PHP code I'm after, but rather help with a login system design.
So far I've got a PHP_AUTH based login which checks against a MySQL
database, and if the user's details are correct it updates the database
6 matches
Mail list logo
