[thelist] php login security (was: Call html page with php)
dan donaldson
dan at omnivore.ca
Wed Feb 20 10:37:01 CST 2002
On Wednesday, February 20, 2002, at 06:57 AM, Andrew Forsberg wrote:
> What are the advantages of reauthenticating a user on each page? (Sorry
> it's
> well past midnight here, so I am likely a bit slow off the mark.)
One problem with authenticating once and storing the result in a session
var is that if the admin removes access while the user is logged in, the
user could continue to access the data until they log out or the session
expires. This is more about storing the name/pass in sessions and
confirming their status each new access than it is about passing
name/pass back and forth.
dan
More information about the thelist
mailing list