On 19 May 2011 at 23:47, Adam Richardson <simpleshot@xxxxxxxxx> wrote: > You did make several other great points (session hijacking, multiple login > attempts), but to be fair to Tedd, there are many levels of security, and I > doubt he's trying to educate PHP developers with your background. In the > same way that someone's first foray into the world of database access using > PHP likely avoids a 20 table database with complex transactions for atomic > operations and in-memory queues for eventually consistent data where > performance is a must, I see this as a reasonable first exposure to the > general principles of how one might use the features of PHP to password > protect a group of pages in a site. I think this is the salient point. Provided the example is correct in itself, is marked as being aimed at the novice, and at the same time lists some of the areas that deliberately haven't been addressed in the example provided, then that should suffice. The difficulty IME is finding more advanced examples, which would help the transition from learning mode to preparing for a production environment. tim
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
