Without using SSL or JavaScript, is there any way to make an md5 hash or 
encrypt a string before sending it out as a POST request?

It seems that without encrypting the data before sending it, it can 
still be intercepted.  Once intercepted, it doesn't matter if I use 
md5() on the $_POST['password'] once it gets to the script, because 
anyone can submit the same intercepted string to the script via POST and 
it will be md5()ed when it gets there, thus defeating the purpose.

Maybe I haven't quite wrapped my brain around a decent authentication 
scheme yet.



Erik Price
Web Developer Temp
Media Lab, H.H. Brown

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to