[thelist] Bypassing a login

Rob Whitener rwhitener at DesignOptions.com
Tue Jan 28 08:32:03 CST 2003


I have a security question.  I have a site where one area is secured so
dealers and sales reps are able to check orders online.  I secured the login
with md5 and some random server info {php: md5((prng * uniqid))}.  Is there
anyway to prevent people from just typing in a URL to get around the login.
They wouldn't be able to see any information, but I will have a mailing list
that I wouldn't want anyone monkeying with.

thanks,

Rob



More information about the thelist mailing list