![[toggle]](javascript:icntoggle('mod-mnu_application_menul1','module.png');){kind=small}
A page of wanted Modications
Modifications Wanted
A page of wanted Modications
SecurityDoes anyone know of any addons that can be used to create a more secure website? Currently I am looking for something to secure the logins. I am add a bunch of mysql_real_escape clasuses to the source code. Login InformationCurrently all of the passwords in Version 4 are stored as a md5(password) in the singup relation so that is good. However, all of the passwords are sent to the server as a post with the password as plain text. What I want is for the client to authenticate by doing a md5(server_challenge_string + md5(password)). This would be an acceptable method. However, we would need to use ssl to send the password to the server when the user signs up. SQL injectionsyou need to add mysql_real_escape_all() to every single page that uses the database. This is very time consuming and should already be done by clip share. Too bad that don't advertise that this software contains many flaws on a security basis.
|
LoginTop users
Last Visitors
|
.
Last Modification: Monday 07 of July, 2008 13:54:08 CDT by 
