Ahhh, for storing session passwords...if you really need to store a
password in the session then try using md5, like so...
$psw = md5($_POST['txtPassword']);
Then to verify a users password just do the same and compare to the
stored md5 value in your database.
But, its a very bad idea storing passwords in your sessions full stop if
using a shared server.
James
Alessandro Rosa wrote:
I want to thank you all for previous helpings.
Really the first code was easy to be solved, but
this is how it shall work out. This is a program running
locally and the trouble is that session vars are stored
in local files. I must avoid to store a plain text password
therein, thus I need to crypt and save it into session.
When 2.php file just displays session data (it is test environemnt),
but the output is blank !
Suggest a different approach ?
Alessandro Rosa
<?php
session_start();
////////////////////////////////////////////////////////////
require_once('crypting.php');
require_once(dirname(__FILE__).'/../mysql_wrap/mysql_man.php');
$handle_db = connect_to_mysql_server();
$psw = $_POST['txtPassword'];
$psw = encrypt( $psw, get_crypt_key() );
sql_disconnect( $handle_db );
$_SESSION['session_user'] = $_POST['txtIdUtente'];
$_SESSION['session_password'] = $psw;
////////////////////////////////////////////////////////////
session_cache_limiter('private');
require_once("config.inc.php");
$PHPcmd = $GLOBALS['gestionale_path_name']."phpcode/login/2.php" ;
header( "Location: ".$PHPcmd );
?>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
