Re: [phplib] question about functionality of phplib From: fabrizio.ermini <email protected>
Date: 01/30/01

> So, assuming SSL cannot be used, what are the various ways to pass encrypted
> data from the browser to the server? Is this the sort of thing that phplib
> is designed for? (I thought so, but I have become unsure of this
> assumption.) And how well does phplib integrate with PHP 4?
>
There is an example in the distribution of PHPlib of building a
challenge/response authentication, where the password is never
exchanged on the net (is called example_challenge_auth if I
remember well). That may satisfy your requirements.
But, if security is a concern, remember to restrict the
authentication mode to "cookie" only, since the "get" method is
basically unsecure.
As for PHP4, i'm using PHPlib under PHP4 since more than a year
and I've never encountered any problem (db, session, auth, perm,
user and table objects - don't know nothing about template and
forms, however). I choose not to use PHP4 sessions and mantain
PHPlib's because of the flexibility in storage they carry with them.

HTH
bye!

/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/

Fabrizio Ermini Alternate E-mail:
C.so Umberto, 7 faermini <email protected>
loc. Meleto Valdarno Mail on GSM: (keep it short!)
52020 Cavriglia (AR) faermini <email protected>

---------------------------------------------------------------------
To unsubscribe, e-mail: phplib-unsubscribe <email protected>
For additional commands, e-mail: phplib-help <email protected>