On 05/23/2010 10:51 AM, Robert Cummings wrote:
David Mehler wrote:
I've got a custom app that interacts with a database. I want to use
something stronger than .htaccess to protect it and ssl is not
available as this is a shared host. There will be several user's
accessing this app and updating the database through it. What i was
thinking was giving each a unique username, password, and ID string,
which would be somehow used to compute a hash and if that would match
access could be granted. That's just a guess on my part, i'd
appreciate any suggestions.
Since you're not going to go over SSL, then nothing you can do will be
stronger since it all flies out in plaintext over the internet.
Yeah I also agree with it. If you really want the things to be secure
then use SSL.
Nilesh Govindarajan (निलेश गोविंदराजन)
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php