On Wednesday, February 13, 2002, at 08:51  PM, Harry Yu wrote:

> Can anyone give me any suggestions or recommendations?
>  Is there any security concerns?  Also, the session
> files are in a directory that is not world readable.

I just set up my own first authentication system, and it works very 
similar to yours.  I think you should turn register_globals off if you 
really want security.  PHP 4.1.0 has some neat shortcuts to make your 
life easier if you do this.



Erik Price
Web Developer Temp
Media Lab, H.H. Brown

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to