News Feed
Jobs Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

MelbourneChapter.net:
PHP and Authentication Security
April 04, 2006 @ 07:29:22

From the MelbourneChapter.net site, there's an informative post looking at user validation methods, specifically the powerful PEAR::Auth package.

Once we have the user we need to authenticate the details they have submitted. To do this the usual approach is to query a 'user' table in your database to check the corresponding username and password.

This is fine in most situations, but as systems scale we often find that maintaining this user table with current user/passwords can be a lot of trouble. Often in larger systems and organisations usernames and passwords are controlled centrally. This can be in the form of a directory service, such as LDAP. Some situations you may even use a RADIUS, SAMBA, PASSWD style or POP3.

Instead of trying to create all of the above connections, they suggest using the well-established PEAR::Auth package. They even link to a method of getting it installed on a shared hosting platform. TO finish it off, they include a reminder to always asses the security of your application, and suggest keeping an eye on the PHP Security Consortium's SecurityFocus Newsletters for the latest PHP security-related issues.

0 comments voice your opinion now!
authenication security pear auth package authenication security pear auth package


blog comments powered by Disqus

Similar Posts

Amir Saied's Blog: Updating PEAR Services_Ebay

Smackdown Blog: Rackspace Hacked Clients, Check Your Databases: Wordpress "wp_optimize" Backdoor

Pádraic Brady's Blog: Automatic Output Escaping In PHP & The Real Future Of Preventing XSS

ThinkPHP Blog: New Help Center for Chorizo!

PHPied.com: JSON renderer for Text_Highlight


Community Events











Don't see your event here?
Let us know!


composer podcast language symfony2 framework introduction hack component install application code hhvm facebook security unittest overview release package example series

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework