If you use a .htaccess file in the directory (assuming Apache), a popup
box asks for username/password. The password is MD5 encrypted. I think
the downside is php getting access to these, or maybe I'm wrong in this.
>I belive you can have the file atleast one directory below your root web
>folder (so web surfers have no access, just your script). Also since the
>HTML->PHP is unsecure over HTTP, look into HTTPS , I believe this is related
>to SSL (Secure Socket Layer). Without SSL, you will be POSTing your
>user/pass enter from the HTML form in plain text, which is always a target
>for packet sniffers.
>"Roman Duriancik" <[EMAIL PROTECTED]> wrote in message
>[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>>If I want to secure the access to the database by asking for passwd, what
>>should I do ? I suppose I need a secure connection to transfer the
>>and passwd between HTML form and the script - how do I make that ?
>>How do I secure the database file with passwords and user names so that
>>it cannot be accessed by anyone, just by allowed users ?
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php