[ale] User authentication in web app
On Wed, Mar 17, 2004 at 11:03:26PM -0500, Ben Coleman wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> George Carless wrote:
>
> | I don't understand.. why return/handle rows that are of no interest to
> | you, instead of checking the password within the query?
>
> Suppose two or more users have the same password? You'll get multiple
> rows back from your select, and you'll have to check each of them to see
> if they match the user's username. You do want to make sure the
> password entered matches the username entered, don't you?
Eh? You'd check against *both* the username *and* the password in your
lookup, of course..
--George
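
Added example (not part of the original messages): a Python/sqlite3 sketch of the lookups discussed in this thread, run against a constructed `users` table. The table layout, function names and PBKDF2 work factor are assumptions. It goes one step beyond the thread by also showing the fetch-by-username variant, which is the only option once password hashes are salted per user.

```python
import hashlib, hmac, os, sqlite3

ITERATIONS = 100_000  # illustrative work factor, an assumption for this sketch

def kdf(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def digest(password):
    return hashlib.sha256(password.encode()).hexdigest()

def make_db():
    """In-memory table of constructed accounts; alice and bob share a password."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, "
               "pw_digest TEXT, salt BLOB, pw_kdf BLOB)")
    for name, pw in [("alice", "hunter2"), ("bob", "hunter2"), ("carol", "s3cret")]:
        salt = os.urandom(16)
        # pw_digest is unsalted so the comparison can happen inside the query;
        # pw_kdf is salted and can only be checked after fetching the row.
        db.execute("INSERT INTO users VALUES (?, ?, ?, ?)",
                   (name, digest(pw), salt, kdf(pw, salt)))
    return db

def count_by_password(db, password):
    """Password-only lookup: a shared password yields several rows."""
    sql = "SELECT COUNT(*) FROM users WHERE pw_digest = ?"
    return db.execute(sql, (digest(password),)).fetchone()[0]

def login_in_query(db, username, password):
    """Match username AND password in one parameterized query."""
    sql = "SELECT COUNT(*) FROM users WHERE username = ? AND pw_digest = ?"
    return db.execute(sql, (username, digest(password))).fetchone()[0] == 1

def login_verify_in_app(db, username, password):
    """Fetch the one row for the username, then compare salted hashes."""
    sql = "SELECT salt, pw_kdf FROM users WHERE username = ?"
    row = db.execute(sql, (username,)).fetchone()
    if row is None:
        return False
    # Constant-time comparison of the derived key against the stored one.
    return hmac.compare_digest(kdf(password, row[0]), row[1])
```

Because `username` is the primary key, both login functions can match at most one row no matter how many accounts share a password, and the bound parameters keep the user-supplied values out of the SQL text.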