Hello everyone,
Thanks. I'm looking in to the ssl, I would like to use it, and it does
seem much less work than the alternative.

On 5/23/10, Adam Richardson <simples...@gmail.com> wrote:
> On Sun, May 23, 2010 at 12:40 AM, David Mehler <dave.meh...@gmail.com>wrote:
>> Hello,
>> I've got a custom app that interacts with a database. I want to use
>> something stronger than .htaccess to protect it and ssl is not
>> available as this is a shared host. There will be several user's
>> accessing this app and updating the database through it. What i was
>> thinking was giving each a unique username, password, and ID string,
>> which would be somehow used to compute a hash and if that would match
>> access could be granted. That's just a guess on my part, i'd
>> appreciate any suggestions.
>> Thanks.
>> Dave.
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
> If you really, really can't get to SSL, you could develop the client-side
> code to use a java applet as a proxy, and the applet could handle the
> encryption (I've only done that once and it wasn't worth the work in the
> long-run, I should have just switched hosts OR clients.)  You could also
> pull off the same effect with a FLEX application, too.
> And, if you really, really wanted to, you could even develop an ajax
> application that encrypted the traffic before sending and decrypted any
> incoming traffic using a hash of a nonce provided by the server and the
> password of the user (the server-side PHP would perform the complimentary
> actions.)  However, this would be quite a bit of work, and I'm hoping that
> you can talk someone into a hosting upgrade :)
> For reference, here's a javascript implementation of AES I've used in the
> past (there's a port of the corresponding PHP to use linked on the same
> page):
> http://www.movable-type.co.uk/scripts/aes.html
> But, again, I hope you can just switch to a host with SSL.
> Adam
> --
> Nephtali:  PHP web framework that functions beautifully
> http://nephtaliproject.com

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to