Assuming they have access to the PHP files, all decoding keys would be
available there, so while encrypting the database would definitely slow up
the attacker, it would only do so until they discovered the decoding method.
Any experienced hacker would find this in no time. If you pre-compile
]
Sent: 17 January 2005 03:47
To: php-db@lists.php.net
Subject: Re: [PHP-DB] Security Question
But what I'm saying is that if you're submitting a form from an unsecured
page, to a script on a secure server, the data will still be encrypted.
Anyone know this for sure to be correct? It sure
If it submits to a secure server the form data will be encrypted before
transmission I believe. At least that's my understanding, and that seems to
be how ebay does it for example. Once you log-in, it submits to a secure
page.
-Micah
On Sunday 16 January 2005 06:38 pm, Chris Payne wrote:
the login page on a non secure server but post the form
to a secure server.
Peter
-Original Message-
From: Micah Stevens [mailto:[EMAIL PROTECTED]
Sent: 17 January 2005 02:46
To: php-db@lists.php.net
Subject: Re: [PHP-DB] Security Question
If it submits to a secure server
secure server but post the
form to a secure server.
Peter
-Original Message-
From: Micah Stevens [mailto:[EMAIL PROTECTED]
Sent: 17 January 2005 02:46
To: php-db@lists.php.net
Subject: Re: [PHP-DB] Security Question
If it submits to a secure server the form data
From: Dylan Barber [EMAIL PROTECTED]
I am accessing a database on my site from another site - I am
not the only developer on the other site and there is the potential
for someone to access the database for nefarious purposes from
the other site. Can I somehow protect the password and still have