secure login form

---

• From: Harris Kosmidhs <hkosmidi@xxxxxxxxxxxxxxxxxxxxxxxx>
• Date: Thu, 05 Jun 2008 16:15:57 +0300

---

Hello,

while I'm developing sites for some time I never coded a login form with security in mind.

I was wondering what guidelines there are.

For my point of view I'm thinking of using md5 passwords (it's an one way function right?) in db. Is this a correct approach?

Then, if I'm permitted by the server admin I want to use https. Is it as simple as puting the login form in the httpdocs of the https server an when login is successful then I just set a session variable? Will I then be able to read this from a page under http?

Thanks in advance.
.

---

• Follow-Ups:
  • Re: secure login form
    • From: larry
  • Re: secure login form
    • From: C. (http://symcbean.blogspot.com/)
  • Re: secure login form
    • From: Dikkie Dik
  • Re: secure login form
    • From: Erwin Moller

• Prev by Date: Re: NEWBIE Seeking best IDE for developing PHP based Webpages/website
• Next by Date: create html from flat file
• Previous by thread: Buteyko Approach
• Next by thread: Re: secure login form
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

coding.derkeiler.com  > Archive  > PHP  > comp.lang.php  > 2008-06