Hi there,
I am using a simple user authentication code that lets the user enter his/her name and the password then checks the database to either permit/deny the user.
Suppose the user logged in. Now this user will be entering multiple php pages and each page will connect to the database using the user's name and password.
My question is: How can I pass the user's name and password from page to page?
I was thinking about using something like this in the authentication page;
print "<INPUT TYPE='hidden' NAME='userName' VALUE='$PHP_AUTH_USER'>";
print "<INPUT TYPE='hidden' NAME='userPassword' VALUE='$PHP_AUTH_PW'>";
And in the php pages I can do the following:
mysql_connect('localhost','$POST[userName]','$POST[userPassword]);
mysql_select_db('db');
I don't think it very effecient.
Is that the only way to do ? Is it secure enough?
Thanks
