I'm using authentification on the web page in the following manner:
User writes his password (only password- they are unique in the database), which is sent to the server as SHA-3. The systems searches for that hash in the database, if founds, writes to the SESSION the name of the user. And the user is redirected to the main page.
Therefore, each time the main page checks the SESSION, and if it's unset, it sends the user to the authentification page.
Is it safe?
Aucun commentaire:
Enregistrer un commentaire