[DUG] How to make secure MySQL
Pieter De Wit
pieter at insync.za.net
Wed Aug 1 15:01:00 NZST 2018
Oh, I did miss out on the second question, but as David also pointed out, you need to protect this as a whole etc.
As for sessions, yes, they are generally safe. I normally store a copy of it in the database and I check against that. I find that it’s pretty easy to build all the auth checking into a routine that is called before any processing is done. Yes, it adds load to the DB etc but hey - safer is “cheaper” in the long run
Cheers,
Pieter
> On 1/08/2018, at 11:19 AM, jc at magicweb.nz wrote:
>
> Hi all
>
> Can anybody give me some pointers and/or examples of how to make my web app – using MySQL – secure. At the moment I’m just transferring the bare passwords across, not a good idea I guess.
> Secondly, once logged in, a session variable determines a logged in status – safe enough?
>
> Thanks for any reply.
> John C
>
>
> _______________________________________________
> NZ Borland Developers Group - Delphi mailing list
> Post: delphi at listserver.123.net.nz <mailto:delphi at listserver.123.net.nz>
> Admin: http://delphi.org.nz/mailman/listinfo/delphi <http://delphi.org.nz/mailman/listinfo/delphi>
> Unsubscribe: send an email to delphi-request at listserver.123.net.nz <mailto:delphi-request at listserver.123.net.nz> with Subject: unsubscribe
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://listserver.123.net.nz/pipermail/delphi/attachments/20180801/3cd58539/attachment-0001.html
More information about the Delphi
mailing list