473,387 Members | 3,821 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > hard coded password protection

Join Bytes to post your question to a community of 473,387 software developers and data experts.

hard coded password protection

Trying to get Windows AD LDAP working to recognize who is accessing the
page... I have successfully grabbed the user credentials and passed
them off to LDAP, but that required me to pass off a hard coded Userid
and password. Since this server is on our corporate network. Is there a
way to either:

1) Grab the userid/password of the client and use them to access the
windows LDAP server withouth having to give out my own? or

2) Protect the "include" so that a user could not "path" to the server
(\\server\directory\phpscripts\includes\password.p hp) and view the php
file, while allowing the WWW browser access to the file.

Thanks
Carl

Jul 17 '05 #1
1 2282
Carl Hilton wrote:
Trying to get Windows AD LDAP working to recognize who is accessing the
page... I have successfully grabbed the user credentials and passed
them off to LDAP, but that required me to pass off a hard coded Userid
and password. Since this server is on our corporate network. Is there a
way to either:

1) Grab the userid/password of the client and use them to access the
windows LDAP server withouth having to give out my own? or

2) Protect the "include" so that a user could not "path" to the server
(\\server\directory\phpscripts\includes\password.p hp) and view the php
file, while allowing the WWW browser access to the file.

Thanks
Carl


Getting the user's userid/password would be a HUGE security risk! I can
just imagine what a malicious site could do. Doesn't matter if it's in
internal corporate network - it could still be abused so easily (i.e.
collecting the userid/password of the Pres, HR, Payroll...).

As to keeping them from viewing the file - don't put it in a directory
accessible to the network.


--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
Jul 17 '05 #2
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

7
password protection - does this work?
by: juglesh | last post by:
<body><div align="center"> <?php if (!isset($password)){ ?><form action="<?php $_SERVER; ?>" method="post"> type password here&nbsp;<input name="password" type="text" size="8"> then <input...
PHP
10
JS password script
by: Max | last post by:
Hello all, I am trying to protect a page within my site with a JS password scheme. Now I know JS can be quite easily "circumvented", but I came by a code below. My question is: 1. Is there...
Javascript
7
Seeking feedback on Password Protection via Java/JavaScript ONLY (no cgi)
by: Borked Pseudo Mailed | last post by:
Seeking feedback on Password Protection via Java/JavaScript ONLY (no cgi): SEE: http://online_tools.home.att.net/tools.html *AND* http://online_tools.home.att.net/extraCode.htm Thanks.
Javascript
8
How to encrypt the hard coded password while connecting to MSDE?
by: Gabor | last post by:
Hi, I have an app. that uses an MSDE database. I hardcoded the login and password in the application, but it is very simple to see with an ILDASM.exe tool. Is it any procedure to obscure the...
Visual Basic .NET
3
Password Protect
by: Miro | last post by:
Why Password protect an MDB when someone can google and get a hack? Wondering if anyone else has thought of this and just said "oh well"... I plan to password protect an MDB where I have some...
Visual Basic .NET
0
password protection - folders/individual files
by: btopenworld | last post by:
Hi I have been using two forms of password protection: A) On working web sites I use an ASP script that is included in every page requiring protection: uses session - works fine B) On...
ASP / Active Server Pages
4
Lokean
Find hard coded strings in SQL: can it be done programatically?
by: Lokean | last post by:
The problem: Company was bought out and we are bringing everything into complience. Passwords are not secure and do not need to be.(required by software we are using) Old passwords *may or may...
Microsoft SQL Server
16
Database Password - Enter by code.
by: Greg (codepug | last post by:
If one converts that .mdb into an .mde the code is secure but the tables can still be imported. Just for Very Basic protection, I have placed a Password on the database using the "Set Database...
Microsoft Access / VBA
1
Find hard-coded password strings in project's code - Can it be done automatically?
by: nitzanO | last post by:
Hey, I have a very big project with thousands and thousands of code lines. Until now we have used hard-coded passwords and we wish to stop. The problem is how detect all the places in the code...
Software Development
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!