I am using Basic authentication on my school site. It works as I want, but when I use php, I can read the password form variable $php_auth_pw / $HTTP_SERVER_VARS["PHP_AUTH_PW"]. I think it have a security problem when the student can read another one password using php. But I have no ideal how to protect it. Is it the setting of apache or php?
moon CCC Ming Kei College [EMAIL PROTECTED] -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
