I have a delphi client MySql LOGIN. I am using AnyDAC to manage this.
Now, it all works well, but id like it to be secure. I am well aware security issues and also understand it would be more secure to handle my login via php. However, my project will not work this way.
I dont want scriptkiddies loading my login client and running a sniffer or any kid of applications tools to intercept login details from client to MySQL server.
I need some sort of secure coding code, i can out in. One that not only, protects data being sent, but also writes it as a "salted" or encrypted password on the SQL database, so not even admins can see it.
In other words, i want it to write them into database exactlly how PHP does it, so passwords can't be seen or sniffed.
The following is my loginscript using ANYDAC components.
procedure TForm1.Button1Click(Sender: TObject);
ShowMessage('Username or Password Incorrect');
if Flag then