On Thursday 23 September 2004 11:41 pm, Paul M Foster wrote:
> I've got to provide a low-security password scheme for a customer
> website. The customer has an xBase database on the site which will
> contain usernames and passwords. We aren't going to bother with SSL or
> try to avoid having passwords in the clear. The users will be in the
> hundreds and will change from week to week. The access being managed
> isn't important enough to have a bulletproof system. We're only
> restricting access to certain webpages.
>
> Most of the ways I've seen to manage this are too cumbersome. For
> example, using .htaccess and .htpasswd files under HTTP would be nearly
> impossible, given the above parameters (for example, hundreds of
> constantly changing users).
>
> Has anyone seen a good solution, limited to CGI, Python or PHP?
>
> Paul
SSL is really reasy to implement and only cost about $100/year.
Creating a simple login screen using php is easy.
The issue would be what it is that you can loose, if the wrong kind gets
access. If it's that low value just have a login prompt like you suggest. If
it has any value at all, then read up on how to implemnt php safely.
I've not written one for long time but it took like an hour to research and
implement from scratch last time I did.
--Steve Szmidt
"They that would give up essential liberty for temporary safety deserve neither liberty nor safety." Benjamin Franklin ----------------------------------------------------------------------- This list is provided as an unmoderated internet service by Networked Knowledge Systems (NKS). Views and opinions expressed in messages posted are those of the author and do not necessarily reflect the official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 17:59:42 EDT