Re: WWW-Authentication and Postgresql
| От | Stephan Borg |
|---|---|
| Тема | Re: WWW-Authentication and Postgresql |
| Дата | |
| Msg-id | 001801c18e82$ba9dc900$1400a8c0@p1g обсуждение исходный текст |
| Ответ на | Re: WWW-Authentication and Postgresql (Vince Vielhaber <vev@michvhf.com>) |
| Ответы |
Re: WWW-Authentication and Postgresql
|
| Список | pgsql-php |
I have found the mod_auth_pgsql module to be the easiest way to implement this function. Does anyone know if it takes the points mentioned below into consideration? Stephan -----Original Message----- From: Vince Vielhaber [mailto:vev@michvhf.com] Sent: Wednesday, 26 December 2001 2:25 PM To: Andrew McMillan Cc: Stephan Borg; pgsql-php@postgresql.org Subject: Re: [PHP] WWW-Authentication and Postgresql <snip> A couple of quick gotchas. 1) make sure you filter out all unwanted characters so someone can't execute sql calls inside of a username or password. 2) On failure make sure you send a 401 to the browser just like you do initially when asking for the password to clear out the old one - you can also use this to handle logouts. Vince. -- ======================================================================== == Vince Vielhaber -- KA8CSH email: vev@michvhf.com http://www.pop4.net 56K Nationwide Dialup from $16.00/mo at Pop4 Networking Online Campground Directory http://www.camping-usa.com Online Giftshop Superstore http://www.cloudninegifts.com ======================================================================== == _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com
В списке pgsql-php по дате отправления: