Database Reference
In-Depth Information
passing form variables into the SQL statement as opposed to hard coding them as we have
in the queries above.
In the above example we used the
mysql.user
table to demonstrate encrypted password
checking. On a production system, however, it would be best to implement a separate table
in a separate database to store your user credentials.
This is a very simple way of securing your stored passwords, but is not the only security
consideration that you may need to take when authenticating users to webpages. If your
application needs to be secure, then consider implementing a secure web connection as
well as the encrypted passwords, as in our example the password would be sent in plain text
from the web form to the MySQL server. Once it is there and encrypted it is safer, but if
intercepted on the way will still cause a breach of your security system.
Search WWH ::
Custom Search