Re: [PHP-WIN] A measre of security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



cmiiw
----- Original Message -----
From: "Gustav Wiberg" <gustav@xxxxxx>
To: <php-windows@xxxxxxxxxxxxx>
Sent: Wednesday, February 14, 2007 6:39 PM
Subject: [PHP-WIN] A measre of security


Hi!

This is a kind of security-question....

I'm starting up a system, where several customers should be able to login
with there own information.
Each company I give unique identity with "hard-coding" and each company has
its own folder...


Harding-coding, something like:
$company -> setIDCompany(1);
$company -> setIDCompany(2);
$company -> setIDCompany(3);

[bedul]
you should not try hardcoding by your self.. is suffer your health.. hehehe
why don't you use an id.. if you enter this using db.. every new record or
company will given a new id..
like you enter new comp anda the new will have 4 and soon
but if this not what you wanted.. just created a random var like this

i enter new comp.. where the var given = a4s43.. this comp will have id
a4s43 and have folder named a4s43
=====================================================
Diffrent folders:
customers/company1
customers/company2
customers/company3

and so on...


This isn't complicated, but when I add a new company....    ...I must be
200% sure that the IDCompany is set correct (There is a chance of setting
the wrong ID for a new company or forgetting to change it)
[bedul]
to search what your id entered .. try use
int mysql_insert_id ( [resource link_identifier] )


Retrieves the ID generated for an AUTO_INCREMENT column by the previous
INSERT query.

=======================================

The companys ARE NOT ALLOWED to see each others information.
[bedul]

try above suggestion.. use random var for folder.. how to get em??

$idFromTable=mysql_insert_id ($handle);

$rndNum=rand(2100);

$randomID="a".$idFromTable."s".$rndNum;

========================================
Is there any good way of solving this with some sort of
comparision-mechanism or something like that? Any thoughts?
[bedul]

interesting. can u explain more about 'sort of comparision-mechanism'??

 ===================

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [PHP Users]     [Postgresql Discussion]     [Kernel Newbies]     [Postgresql]     [Yosemite News]

  Powered by Linux