I would like to go from page to page, submitting the password through a GET query string. Of course I wouldn't want to do this unencrypted. So is mcrypt the best option?
I think to submit the password on the query string is a really bad idea. What will happend if a user decides to mail the URL to someone? Any recipient of that message would have access to the password protected data.
In my opinion, passwords NEVER should be sent to the client computer in any form (encrypted or not).
I will recomend to find a different way to authenticate the user on every page wich does not require sending him the password.
Regards, Jordi
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
