Ok, I’ve scoured countless PHP websites. I’ve read plenty of advice about how NOT to do things, but very little about how to correctly deal with secure logins.
First of all, I access the database to compare username and password to make sure the user is allowed access. I’ve read that it is recommended that the connection script be an included file and reside in a folder outside the root directory that cannot be accessed via a web browser. That’s all well and good of course, but the host I am using (I cannot change this, management just doesn’t understand!) does not allow me to create folders outside root. So how do I otherwise protect the password of the database? Since my database only includes user information, and the passwords stored within the database are encrypted, need I worry about keeping the database password any more secure than it already is? I would imagine I do!
This brings me to my second question… The user types in his username and password. The user’s password is stored in the database. However, it’s encrypted. How can I compare the encrypted password from the database to the unencrypted password the user provides? The basic solution is to encrypt the user-entered password, but how do I know how to encrypt it? I’ve seen several encryption techniques. How do I know which one to use?
My third question is once I’ve confirmed the user is allowed to enter the website, how do I make each successive page aware that this user is actually allowed to access each page? It doesn’t make sense to have them enter their username and password each page (although I’m sure this is the most secure method!). I know how to pass data from one page to the next using the GET and POST methods, but that hardly seems the best way to do this. I’ve read a little about using sessions, but I haven’t come across anything that explicitly explains how to use them for confirming the user attempting access is the one that I previously confirmed. I’ve also read that sessions are easy to hack once you know the session id, which I have to pass using the GET method, which makes them seem useless for this application. I imagine I’m missing something. It would be easy for there to be something like a PASS method so I could use something like $username = $_PASS['username']; but I don’t think that exists (it should!).
I’m sorry for the long-winded explanations, but I’m only barely better than a complete novice at PHP, and I’ve never had to be concerned with security before. Furthermore, please do not think that I want you to write all the code for me, but rather explain the process, or at least point me in the right direction. It seems to me that the only ways to pass data between pages either expose the data to potentially malicious users or require too much inconvenience for the authorized users.
Thanks in advance for any help or direction you can provide!
Lee
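
The two steps asked about above (checking a typed password against the stored one, then recognising the user on later pages) as an added example that is not part of the original post. It uses PHP's built-in `password_hash()`/`password_verify()` and cookie-only sessions; the `$users` array stands in for the database row, all function names are hypothetical, and it assumes PHP 7.4 or later served over HTTPS.

```php
<?php
// Added example. $users and all function names are hypothetical. The record
// below is constructed and stands in for a users-table row. Store only the
// password_hash() output; it embeds the algorithm, cost and salt.
$users = ['lee' => ['hash' => password_hash('constructed-sample-pw', PASSWORD_DEFAULT)]];

// Check the password as typed against the stored hash.
function verify_login(array $users, string $username, string $password): bool
{
    static $dummy = null;
    $dummy ??= password_hash('unused', PASSWORD_DEFAULT);
    // Unknown user: verify against a dummy hash so timing stays similar.
    $hash = $users[$username]['hash'] ?? $dummy;
    return password_verify($password, $hash) && isset($users[$username]);
}

// Call at the top of every page, before any output is sent.
function start_secure_session(): void
{
    ini_set('session.use_only_cookies', '1'); // never take the id from the URL
    ini_set('session.use_strict_mode', '1');  // reject ids the server did not issue
    session_set_cookie_params(['httponly' => true, 'secure' => true, 'samesite' => 'Lax']);
    session_start();
}

// Login page: on success, switch to a fresh session id and record the user.
function log_in(array $users, string $username, string $password): bool
{
    if (!verify_login($users, $username, $password)) {
        return false;
    }
    session_regenerate_id(true); // old id becomes useless (session fixation)
    $_SESSION['username'] = $username;
    return true;
}

// Protected pages: identity comes from server-side session data, not GET/POST.
function require_login(): string
{
    if (empty($_SESSION['username'])) {
        http_response_code(401);
        exit('Please log in.');
    }
    return $_SESSION['username'];
}

// login.php usage; non-string input collapses to '' and simply fails.
start_secure_session();
$ok = log_in($users, (string) filter_input(INPUT_POST, 'username'), (string) filter_input(INPUT_POST, 'password'));
```

Each protected page would call `start_secure_session()` and then `require_login()`; the browser only ever holds the random session id in a cookie, while the username stays on the server.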