![]() |
Password System and PHP Security Flaws?
I want to code a password protected user database, and I'm wondering if PHP would be sufficient and secure enough to use for the basic user interface and file access to the database records... I won't be using SQL, just flat text files.
I'm not really so worried about brute-force type hacking -- I'm more concerned about obvious security dangers that a lazy coder like myself might encounter... Pretty much I know basic stuff like limit the user input to only the most essential (no fancy characters allowed, etc.) -- but what are some other obvious mistakes? |
Its not as much of the programming langauge of choice, moreover, the person doing the coding. PHP is a robust enough langauge to do just about anything you could possibly imagine web related. You should however take a few minutes and learn the PHP - MySQL interface (its amazingly simple), and you will save yourself alot of headache and server load. If you are using in combination with .htaccess be sure to check out the $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] (mor einfo here : http://www.php.net/manual/en/reserved.variables.php), will make your life easier.
Rory :helpme |
Quote:
All I need to do is write to files, read from files and search files... Why use MySQL for that? When you use flat text files, you can use simple text editors to do editing, deletions, etc... Also you can use grep to search your databases from the command line... |
Fly,
I would recommend php/mysql method. We use these on many stores, affiliate software, etc. with an easy admin back end, you can delete, edit, add, etc from any mysql dbase. Stable for millions of hits day, records, etc. Easy to back up via web backend admin, or via SSH / Telnet at the command line. peace |
All times are GMT -7. The time now is 09:47 PM. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123