,htaccess vs cookies vs sessions

Forum Moderators: DixonJones

Message Too Old, No Replies

,htaccess vs cookies vs sessions

Which is better for security?

fudge

4:02 am on Aug 22, 2003 (gmt 0)

Hi there...I'm new to trying to create protected pages on websites. I'm designing the site using php/mysql if this makes any difference.

I am trying to determine which method to implement htaccess/cookies/sessions. Is one more secure than another or easier to implement/maintain?

My aim is to create a login page that will enable users login once and give them access different directories depending on their level of authority. Any maybe use groups so users can access all pages their group allows.

a sample dir structure

/product1 - access all
/product1/staff - staff + managers only
/product1/staff/managerc - managers only
/product2 - access all
/product2/staff - staff + managers only
/product2/staff/manager - managers only

Any ideas or suggestions would be greatly appreciated.

cheers Fudge

wkitty42

4:18 am on Aug 22, 2003 (gmt 0)

you are on the right track with .htaccess, .htpasswd, and the users belonging to groups... its just a matter of ensuring that you have the users in the groups necessary for the pages or directories they are to be able to get to...