We help IT Professionals succeed at work.

What's the best way to secure a web site ( user name/password )

awarraic asked
I have a web site that had users table and 'login' page sends the user input to "authentication page" which checks if it's the right user and authenticates the user. Now one problem that I might be facing is, I am passing user info through the url (query string), but, how if someone changes the url, they can get into other users's data? How should I secure this? any ideas?
One soulution that I have is, passing the user info aftre hasing it (hash()) so that it's not that easy to hack/guess what info is being passed.
Just wondering if someone has a better way of doing this, any example, sample code will be helpful.
thanks much.
Watch Question

instead of using $_REQUEST or $_GET, change your HTML form to method="post" and use the $_POST superglobal array.

POST does not add variables to the query string.



I am using form just to sent the info to "authentication" page and then I am just redirecting (header) along with the query string which shows up in the URL. So, I am not using form in the "authentication" page. If that will be form, you are right, 'll definately use Post.
So you are passing user data FROM the authentication page TO the page that people go to after they are authenticated?

If this is the case, use sessions. After the credentials are checked, start a session using session_start();

You must have session_start(); at the beginning of every logged in user page.

After the session is created, you can set session variables like this: $_SESSION['name'] = "joe"; $_SESSION['userlevel'] = "3";

and so on... A cookie is set on the browser called PHPSESSIONID that only contains a unique number that refers to a session stored on the server.

On your logout page, you should use session_destroy();
Even if you use post or get, you are still passing them unencrypted to the server.
What you could it is use some client side javascript and encrypt the username/pass so as not to pass it unecrypted to the http post/get. This will make things more difficult to hijack. Still not being the optimum solution.
Moreover you could sanitize and validate the passed data on the server side so as not to allow any sql injection taking place that i guess you are afraid off.
Finally for avoiding a bot script to repeatedly call your page trying to inject it you can add a captcha script to avoid bots.
You could also add a timed delay, and disable for instance 5 wrong tries of logging in puting a 1 minute delay. This will also prohibit any hijackers from contuing to try

Explore More ContentExplore courses, solutions, and other research materials related to this topic.