Re: [PHP] best way to handle user authentication, PHP vs. apache

2005-01-31 Thread Chris Shiflett
--- Jochem Maas <[EMAIL PROTECTED]> wrote: > > There may not be a lot of stuff in terms of the number of resources, > > but the PHP Security Guide is a lot by itself: > > > > http://phpsec.org/projects/guide/ > > I did say 'AFAICS' - I should have mentioned that I took only the very > quickest of

Re: [PHP] best way to handle user authentication, PHP vs. apache

2005-01-31 Thread Jochem Maas
Chris Shiflett wrote: --- Jochem Maas <[EMAIL PROTECTED]> wrote: http://phpsec.org/ which has just gone live - not that much info there yet AFAICS but will probably become a good resource There may not be a lot of stuff in terms of the number of resources, but the PHP Security Guide is a lot by it

Re: [PHP] best way to handle user authentication, PHP vs. apache

2005-01-31 Thread Chris Shiflett
--- Jochem Maas <[EMAIL PROTECTED]> wrote: > http://phpsec.org/ > > which has just gone live - not that much info there yet AFAICS but > will probably become a good resource There may not be a lot of stuff in terms of the number of resources, but the PHP Security Guide is a lot by itself: http:/

Re: [PHP] best way to handle user authentication, PHP vs. apache

2005-01-31 Thread Jochem Maas
Raymond Still wrote: On Sun, 30 Jan 2005 18:49:41 -0800 (PST), "Richard Lynch" wrote: Raymond Still wrote: ... You've got a long way to go before you properly understand all the security issues you've jumbled together -- Took me forever, too. :-) not to mention the fact that security is a moving t

Re: [PHP] best way to handle user authentication, PHP vs. apache

2005-01-30 Thread Raymond Still
On Sun, 30 Jan 2005 18:49:41 -0800 (PST), "Richard Lynch" wrote: > > Raymond Still wrote: > > Hello; > > I'm trying to figure out the best (most secure and > most > > user friendly, security of primary importance) way to > > let a user log-in. > > I am setting up a web application (database > > a

Re: [PHP] best way to handle user authentication, PHP vs. apache

2005-01-30 Thread Richard Lynch
Raymond Still wrote: > Hello; > I'm trying to figure out the best (most secure and most > user friendly, security of primary importance) way to > let a user log-in. > I am setting up a web application (database > application) that will be for private use only and I > want to keep it secure. > As I

[PHP] best way to handle user authentication, PHP vs. apache

2005-01-29 Thread Raymond Still
Hello; I'm trying to figure out the best (most secure and most user friendly, security of primary importance) way to let a user log-in. I am setting up a web application (database application) that will be for private use only and I want to keep it secure. As I understand it, using the Apache htacc