G'day! I've got two questions that are related to login functionalities with web pages. a.. I noticed on a login page that the form element contained the following: <FORM METHOD=POST>. I suppose that the ACTION element is defined on a webserver level (?). I've searched the documentation for the Apache server, but can't find anything about it. Any tips? b.. I'm securing certain web pages with user names/passwords stored in a database, which I then simply match with the user credentials entered by a user. Now I'm thinking about using encryption for the database contents and matching the hash with the hash of the entered credentials. But my question is: Using PHP to encrypt the entered user credentials doesn't have effect on the client level, right? So that still leaves the unsecured communication between client and server. How to remedy that? K. Sharp
