PHP and MySQL Web Development - P67

PHP and MySQL Web Development - P67: PHP and MySQL Web Development teaches the reader to develop dynamic, secure, commercial Web sites. Using the same accessible, popular teaching style of the first edition, this best-selling book has been updated to reflect the rapidly changing landscape of MySQL and PHP. | 302 Chapter 14 Implementing Authentication with PHP and MySQL password back and forth to the browser with every page requested or delivered this sensitive information is being transmitted more often than necessary. There are two good ways to tackle these problems HTTP basic authentication and sessions. Basic authentication overcomes the caching problem but the browser still sends the password to the browser with every request. Session control overcomes both of these problems. We will look at HTTP basic authentication now and examine session control in Chapter 20 Using Session Control in PHP and in more detail in Chapter 24 Building User Authentication and Personalization. Basic Authentication Fortunately authenticating users is a common task so there are authentication facilities built in to HTTP. Scripts or Web servers can request authentication from a Web browser. The Web browser is then responsible for displaying a dialog box or similar device to get required information from the user. Although the Web server requests new authentication details for every user request the Web browser does not need to request the user s details for every page. The browser generally stores these details for as long as the user has a browser window open and automatically resends them to the Web server as required without user interaction. This feature of HTTP is called basic can trigger basic authentication using PHP or using mechanisms built in to your Web server. We will look at the PHP method the Apache method and the IIS method. Basic authentication transmits a user s name and password in plain text so it is not very secure. HTTP contains a somewhat more secure method known as digest authentication which uses a hashing algorithm usually MD5 to disguise the details of the transaction. Digest authentication is supported by many Web servers but is not supported by a significant number ofWeb browsers. Digest authentication has been supported by Microsoft .

Không thể tạo bản xem trước, hãy bấm tải xuống
55    22    1    29-03-2023
1    236    1    29-03-2023
Đã phát hiện trình chặn quảng cáo AdBlock
Trang web này phụ thuộc vào doanh thu từ số lần hiển thị quảng cáo để tồn tại. Vui lòng tắt trình chặn quảng cáo của bạn hoặc tạm dừng tính năng chặn quảng cáo cho trang web này.