>>I am writing an authentication cgi. This cgi will authenticate people...
>>for example http://faa.foo.com/cgi-bin/auth.cgi?user=fred&password=fred
It's a very bad practise to put authentication info to the URL. It gets
logged by the webserver itself and possibly by proxies.
You should use a form with POST method, ideally over SSL-protected pages.
Your script should connect to the SUBSCRIBER database and check the login
name + pwd, if it's correct, do a search /i.e. select ... / for only the
specified user and print him a nice table. Then disconnect the database.
Janos SUTO
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
