subject:"\[PHP\] Re\: protecting passwords when SSL is not available"

[PHP] Re: protecting passwords when SSL is not available

2006-03-27 Thread Barry


Satyam wrote:

b) concatenate this value with the session_id() or whatever random you 
generated before


And where do you get that information?

Barry
--
Smileys rule (cX.x)C --o(^_^o)
Dance for me! ^(^_^)o (o^_^)o o(^_^)^ o(^_^o)

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: protecting passwords when SSL is not available

2006-03-27 Thread Satyam


The php server sends it along the form. Which I said so:

PHP will send a random number along with the login form. 

I don't see any problem sending that information to the client clear 
(unencrypted), but that's why I'm asking.


Satyam

- Original Message - 
From: Barry [EMAIL PROTECTED]

To: php-general@lists.php.net
Sent: Monday, March 27, 2006 3:36 PM
Subject: [PHP] Re: protecting passwords when SSL is not available



Satyam wrote:

b) concatenate this value with the session_id() or whatever random you 
generated before


And where do you get that information?

Barry
--
Smileys rule (cX.x)C --o(^_^o)
Dance for me! ^(^_^)o (o^_^)o o(^_^)^ o(^_^o)

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php





--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: protecting passwords when SSL is not available

Re: [PHP] Re: protecting passwords when SSL is not available

2 matches

Site Navigation

Mail list logo

Footer information