[Tallahassee-pm] PHP authentication
Tillman, James
JamesTillman at fdle.state.fl.us
Fri May 16 13:34:05 CDT 2003
Oh, and I failed to see your other question about permissions. I've also
done some work in that area, too. I've always stored the perms that were
pulled from the database in a session-type cache -- again, see
Apache::Session (works with CGI, too) -- or simply retrieved it from the
database each time, depending on the performance requirements.
jpt
-----Original Message-----
From: Phillip Tyre [mailto:phillip.tyre at fcul.com]
Sent: Friday, May 16, 2003 2:16 PM
To: tallahassee-pm at mail.pm.org
Subject: [Tallahassee-pm] PHP authentication
Has anyone had any experience with a custom perl, or PHP based
authentication framework using mysql as the back end? I've done some
looking, but all the ones I've seen tend to make the same basic assumptions.
Once you authenticate the user, and set a cookie, then you can trust all the
cookies that are set for that user (admin status, username, etc).
I'm really looking for something more secure, where the actual session table
in the database would hold the permissions, and based on a matching session,
the table would be queried to retrieve the permissions.
Am I way off base on this?
Phillip Tyre
P.S. This message brought to you because of the heavy silence this list has
experienced since the last time I posted.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pm.org/pipermail/tallahassee-pm/attachments/20030516/bb869fc9/attachment.htm
More information about the Tallahassee-pm
mailing list