Passwords and Loggin in

carl68

I want to do a very secure log in script. The two ways I can think of doing this is :

Having variables hoolding username and password on the log in screen and when the input field == password and username goto the loged in screen, or should i have a SQL db with them all in.

Cheers for your time and help

CARL HEATON

[deleted]

First, you never EVER store a password in plaintext. Never.

Store all your passwords in the database as MD5() hashes.
This makes them useless to any hackers.

Gather the username and password from the user through a webform.
Create an MD5 hash from that password, and compare the outcome with the data that you have in the database.

carl68

Thankyou very much for your help.BUT 🙂
Is there anyway of passing a username and password in the url for another php file to read and say YES i know this person as this and this variable says i should. The vars could be global in the PHP or they could be quered from a MySQL database.....?

Cheers Carl

[deleted]

Have a look at sessions.