> Okay Gents and Ladies, > > I am looking for more information on how best to do this. > > I have a MyQSL back end. > It houses a users user_name and password. > > I have a secure area of the site that I only want members to view. > > The way I have it now is that the user logs in. > If user_name and password match cookies are set. > > Each page in the secure are checks for a variable in the cookie. If set the > user can view the page, if not set the page redirects back to the login page. > > Now first question is - how secure is this?
Cookies are pretty secure. I wouldn't store credit card numbers in them, but for what you described they sound fine. > Second question - what is a better more secure way to handle this. Then > most importantly where do I get information on how to go about doing that? > I know nothing about sessions and would need some good links for that arena. Sessions are basically just server side cookies, but you can do neat stuff like store them in a db such MySQL. The best place to learn about PHP sessions is by reading the manual and writting some code: http://www.php.net/manual/en/ref.session.php > Also I do not know much of anything about Object Oriented Programming. Me neither :) > Thanks for the feedback. No problem... ------------------------------------------------------------------------ Greg Donald - http://destiney.com/ http://phprated.com/ | http://phplinks.org/ | http://phptopsites.com/ ------------------------------------------------------------------------ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
