It's a website where you can reply to news, blogs and other messages and with a forum. On 2/26/07, Richard Lynch <ceo@xxxxxxxxx> wrote:
On Sun, February 25, 2007 6:45 pm, Tosca wrote: > Quote from Fahad Pervaiz <fahad.pervaiz@xxxxxxxxx>: > "To ensure best security use database as well. Store IP, Session ID, > username, login time. After every few minutes you can re > authenticate the > user against these parameters." > > I have a login system with sessions and a database where I store > session ID, > username and what kind of user they are (like admin, moderator of > regular > member). This I check every time a page is refreshed. Is this secure > enough? Are you running a bank? Or is it just a community forum? Without context, nobody on earth can answer this. Start reading here: http://phpsec.org to have a better handle on PHP security. -- Some people have a "gift" link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So?
