 |  |  |  |  |  |  |  |
Safely Admin Panel
Please support our PHP advertiser: PostgreSQL or MySQL? Compare and contrast the two most popular open source databases
Thread Solved |
I have administration part of my web site. But it will have only one user who will login in the page.My question what is more safely from attacks ? The user and password to be stored in mysql database or directly in .php file ?
Last edited by ultras1; Oct 20th, 2009 at 7:27 pm.
0
#2 Oct 20th, 2009
A database would be more secure.
If your PHP compiler stopped working for any reason, your PHP code yould be displayed as plain text, meaning that your password would be visible.
However, if you have it in a database and the compiler stops working, then the user will not see the Admin password. Although they would see the database connection information.
The best way would be in a database, and setup access hosts in your database to prevent anyone other than Localhost making a connection (Also, make sure your database user password is not the same as any other password you use, a string or random numbers/letters/symbols for example)
If your PHP compiler stopped working for any reason, your PHP code yould be displayed as plain text, meaning that your password would be visible.
However, if you have it in a database and the compiler stops working, then the user will not see the Admin password. Although they would see the database connection information.
The best way would be in a database, and setup access hosts in your database to prevent anyone other than Localhost making a connection (Also, make sure your database user password is not the same as any other password you use, a string or random numbers/letters/symbols for example)
AJAX is not a programming language, scripting language or any other sort of language.
It is acheived by using JavaScript http functions.
So, AJAX = JavaScript.
It is acheived by using JavaScript http functions.
So, AJAX = JavaScript.
0
#3 Oct 21st, 2009
encrypting the password before storing it to the db is also a good security measure.
•
•
Join Date: Aug 2007
Posts: 87
Reputation: 
Solved Threads: 7
Junior Poster in Training
0
#4 Oct 21st, 2009
Please Store your all Username and Password in Database with Encrypt of Password Field. This is Most Security Option in admin Panel.
http://www.kuchamancity.com
Hem Web Solution..
Behind Every Successful Man, There is an Untold Pain in His Heart.
Hem Web Solution..
Behind Every Successful Man, There is an Untold Pain in His Heart.
0
#6 Oct 21st, 2009
One more question. What is better solution for login users. Cookies or sessions?
In cookies I put the time of their duration, but what about sessions, how long is their duration?
In cookies I put the time of their duration, but what about sessions, how long is their duration?
•
•
Join Date: Aug 2007
Posts: 87
Reputation:
Solved Threads: 7
Junior Poster in Training
0
#7 Oct 21st, 2009
the best solution is session..
because after a specified time the use automatically logged out so session is best option for security.
because after a specified time the use automatically logged out so session is best option for security.
http://www.kuchamancity.com
Hem Web Solution..
Behind Every Successful Man, There is an Untold Pain in His Heart.
Hem Web Solution..
Behind Every Successful Man, There is an Untold Pain in His Heart.
0
#8 Oct 21st, 2009
•
•
•
•
Originally Posted by hemgoyal_1990 
the best solution is session..
because after a specified time the use automatically logged out so session is best option for security.
This can also be done with Cookies, you can set the time they expire.
I assume you meant that they expire when the browser closes, but an auto timeout is not really required in most situations so can't really be used as the main point for using sessions..
The main advantage of sessions is that the session data is stored on the server, not on the client PC (Cookies store the data on the Client).
The only thing that is stored on the client is the session ID.
AJAX is not a programming language, scripting language or any other sort of language.
It is acheived by using JavaScript http functions.
So, AJAX = JavaScript.
It is acheived by using JavaScript http functions.
So, AJAX = JavaScript.
•
•
Join Date: Aug 2007
Posts: 72
Reputation:
Solved Threads: 10
Junior Poster in Training
0
#9 Oct 21st, 2009
I use this in my projects:
http://www.evolt.org/node/60384
http://www.evolt.org/node/60384
 |
Similar Threads
- How do I cirumvent case sensitivity issues in the admin panel of phpBB 2.0? (PHP)
- admin (PHP)
- Admin Panel script (PHP)
- Question on CF server/admin panel (ColdFusion)
- Admin login problem (PHP)
- phpbb admin panel add ons (PHP)
- Cant acces vbulletin admin panel (Growing an Online Community)
Other Threads in the PHP Forum
- Previous Thread: hosting site on personal web host....!!
- Next Thread: Connection failure
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest PHP Posts
- Today's Posts
- Unanswered Threads
.htaccess alerts apache api archive array autocomplete beginner binary broken cakephp checkbox class cms code convert cron curl database dataentry date display duplicates dynamic echo email emptydisplayvalue error execute explodefunction file files firstoptioninphpdroplist folder form forms function functions google hack href htaccess html htmlspecialchars image include insert ip javasciptvalidation javascript joomla keywords limit link login mail matching menu methods mlm multiple mysql network object oop paypal pdf php problem query radio random recursion recursive redirect remote script search securephp server sessions shot sms source space sql subscription syntax system table tutorial tutorials update upload url validator variable video web youtube
