Msg#: 3296672 posted 7:25 pm on Mar 29, 2007 (gmt 0)
on my latest project one of the goals is to have a password protected page that allows the user to view his data and edit it. i know all about .htaccess but was wondering if there was a better way(read more secure). i know a small amount of php and am willing to learn just about anything so complexity is not a problem.
All help taken.
Oh yes am running apache on FC6 if it makes any difference and will have about 60 users in total.
Then there's copious real-world examples in the php scripting forum & its library.
Also absorb all you can on security: good practices for validating user input, preventing cross-site and sql injection attacks. I learned a lot from this: [phpsec.org ] Some of it's a bit hard to follow - your eyes start to glaze over - but if you go back and read it again after chewing on it awhile, it makes more and more sense. Since your first objective with sessions is security, you might actually want to first skim through that article quickly, ignore what you don't understand right off the bat, then go read the session stuff at php.net.