[thelist] PHP Login Security

Liam Delahunty ldelahunty at britstream.com
Sat Oct 12 16:46:01 CDT 2002


Nickolay Kolev wrote:

>How do I encrypt the passwords (or any other data for that matter)
>without passing them to another page? In other words, how do I send
>them encrypted over the network?
>
>I have been reading through the php manual but it seems all greek
>to me...

I haven't been following this thread so don't know what the application is
or what you are trying to achieve... but you could try sending the page to
$PHP_SELF in the action of a form. The page will have a submit test. You'll
need to name the submit button like so:

print ("input type=\"Submit\" value=\"submit\" name=\"submit\">\n");

TO test it on the page...

if ($submit) {
// do stuff
}

But don't forget, and this is a BIG sin committed by loads of sites, that
there is little or no point using encrypted data for "security" if the data
has been entered on a non secured connection. You might encrypt them after
they've been sniffed in the plain text send...

Kind regards,
Liam Delahunty




More information about the thelist mailing list