Thanks for the tip - I'll give it a read and see if it'll work for me. I
need to get a handle on sessions & cookies anyway, maybe this is a good
time.
I don't have any php books, good or otherwise. I've been using the
documentation at www.php.net and scanning the list archives to feel my way
around. Probably not the best approach. You could probably sum up my coding
style with "why write 1,000 lines of code when 5,000 will do?" Still, it
gets the job done, I guess.
I'm using O'Reilly's "MySQL & mSQL" for a MySQL reference and it's a good
command reference, but for learning code I find the list archives to be a
little more instructive. Seeing how other people are doing the stuff I'm
trying to do is a little more "real world".
olinux wrote:
> You could set up a PHP based login, and manage authorization users with
> cookies. I am one step behind you as I have not yet finished my
> application
> pages, but I think that this offers a fair security level. Php Fast &
> Easy
> Web Development by Julie C. Meloni covers this and is a great starting
> book,
> http://www.amazon.com/exec/obidos/ASIN/076153055X/qid%3D981318818/102-57
> 7415
> 8-3647359
>
> basically it works like this:
> the user goes to the login screen, when they submit the
> username/password,
> the PHP script checks for a row in the db where the two are present. If
> there are none then it is not a valid combo. The cookie and session make
> it
> possible to allow access untill the session ends [when the browser
> closes,
> though it could be longer I think]
>
> She also has a web site that includes all of the code from the book, as
> well
> as some tutorials. www.thickbook.com - chapters 15-17 deal with
> authorization, cookies and sessions. and the last chapters 20-22 all use
> sessions in the examples.
>
> Have any good books, URLS's that you read to get started? I am looking
> for a
> good mySQL book, I haven't heard that there are very many "good" PHP
> books
> out.
>
> later,
> olinux
>
> -----Original Message-----
> From: Chuck Mayo [mailto:[EMAIL PROTECTED]]
> Sent: Sunday, February 04, 2001 7:47 AM
> To: [EMAIL PROTECTED]
> Subject: [PHP-DB] No security on mySql database - help!
>
> After spending the last two weeks feverishly learning and coding php &
> mySql, I'm ready to go live and have discovered that my Hostpro Virtual
> Server (Used to be Vservers? never mind...) "doesn't support
> password-protecting individual databases". I thought it strange that I
> didn't need any user/pass pairs to access the db during development, but
> figured I'd sort that out later. What a bonehead, eh? Now it's "later",
> and I don't seem to have a way to control users or access levels. Can
> anyone suggest a workaround besides just dropping my pages into an
> .htaccess -protected directory?
>
> --
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
> _________________________________________________________
> Do You Yahoo!?
> Get your free @yahoo.com address at http://mail.yahoo.com
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
