473,486 Members | 2,136 Online
Bytes | Software Development & Data Engineering Community
Create Post

Home Posts Topics Members FAQ

[PHP5] File Base vs. Directory Based Authentication?

Hi, I'm looking to implement login/registration system in PHP5 and
MySQL. Thus, I have come across alot of resources and source code to
perform this task. However, I'm wondering, what's the best method
(i.e. PHP/MySQL or PHP/MySQL using .htpasswd) from a security?
Essentially, I will need to be able to password protect an entire
directory. Also, a small set of directories will be for admin eyes
only. BTW, I will have both admin and guest members for this
membership site. Finally, if you can point me to both source and/or
white papers, I would greatly appreciative.

Thank you,

-Conrad

Jul 17 '05 #1
1 2251
<co******@runbox.com> wrote in message
news:11**********************@z14g2000cwz.googlegr oups.com...
Hi, I'm looking to implement login/registration system in PHP5 and
MySQL. Thus, I have come across alot of resources and source code to
perform this task. However, I'm wondering, what's the best method
(i.e. PHP/MySQL or PHP/MySQL using .htpasswd) from a security?
Essentially, I will need to be able to password protect an entire
directory. Also, a small set of directories will be for admin eyes
only. BTW, I will have both admin and guest members for this
membership site. Finally, if you can point me to both source and/or
white papers, I would greatly appreciative.


HTTP authentication is in general more secured than roll-your-own
PHP+database authentication. The main reason is that you cannot obtain HTTP
headers through client scripting, where ascookies and URLs, used by PHP's
session mechanism, are easily obtainable.

If you're protecting a bunch of files neatly tucked into a directory, then
use HTTP digest authentication. Read the Apache manual for more details.
Jul 17 '05 #2
Create Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
0
2565
Multiple File copy to Web Server
by: Tess | last post by:
Hi, Long time reader, first time poster... Any help is appreciated. I have a few questions regarding Winform controls embedded within an html page. For more info please see the appendix. Now,...
.NET Framework
10
3576
Directory based authentication
by: See Sharp | last post by:
Hello all, I have a set of admin pages which are put in a subfolder called admin inside my application folder. I want to limit access to these admin pages. How can I do this? In Linux, I can...
ASP.NET
1
1281
Web.config File Problem
by: Malik Asif Joyia | last post by:
Hello I want to implement the forms based authentication. for a sub directory in my webapplication. I have allready applied Forms based authentication in my webapplication ,, I have added a folder...
ASP.NET
6
2852
HTML file server side includes plus forms authentication
by: William F. Zachmann | last post by:
We've got a project going that involves moving an old web site with a massive dll written in C++ that produces most of the output from a SQL 7.0 data base on NT4 onto IIS on Windows 2003 Server...
ASP.NET
10
4029
Windows Authentication through Active Directory
by: Hriday | last post by:
Hi there, Please help me..It is urgent This is Hriday, working on windows authentication with Active Directory... My requirment is when a user sends a request to my web Applicatoin I want to...
Visual Basic .NET
1
6434
"error_reporting" setting not being recognized in my php.ini file
by: laredotornado | last post by:
Hi, I'm using PHP 4.4.4 on Apache 2 on Fedora Core 5. PHP was installed using Apache's apxs and the php library was installed to /usr/local/php. However, when I set my "error_reporting"...
PHP
2
1884
Ubuntu7.10+Apache2+PHP5 Files not uploading...
by: clintec | last post by:
Ok... I've been trying to track this down between two "similar" systems (one that appears to work and the other that doesn't)... and I'm decided to ask for help. I have an Ubuntu 7.10 based...
PHP
3
1991
Role base security and RedirectUrl
by: RedHair | last post by:
I use the Form Authentication and Role base security to secure one ASP.NET 3.5 appication. Below are security settings in web.config <location path="testAdmin.aspx"> <system.web>...
ASP.NET
1
2685
scubak1w1
PHP5 on IIS7 in Windows Server '08 - multiple site issues (sic)
by: scubak1w1 | last post by:
Hello, I was/am using the excellent tutorial over at http://learn.iis.net/page.aspx/246/using-fastcgi-to-host-php-applications-on-iis-70/ to get PHP5.2.9 up and running on Server '08 and IIS7. ...
IIS / Internet Information Server
0
6964
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
7126
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
7175
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
1
6842
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
7330
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
1
4865
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA
0
3070
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The...
Networking - Hardware / Configuration
1
598
muto222
php
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP
0
262
bsmnconsultancy
Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us