#1
Banned | Join Date: Jan 2003 | Posts: 3,390
Login / Password admin security

I've set up a PHP-driven, MySQL-backed website for a client. I've decided with this project to learn it all myself rather than just package/configure scripts. The final piece is building a content management system so that they can:

1. login
2. edit/add/delete stuff from the database

A few questions... First, the directory structure is:

cgi-bin
htdocs

Inside the htdocs are all of the non-sensitive PHP files, which link via include to a PHP file in the cgi-bin that holds all of the MySQL db info. I am under the impression that this file with the login/pass etc. is secure because it's not in the public web folder. Is this necessarily true, or do I have to have it set up a certain way?

When I set up the login/password, I am assuming that I will simply set a cookie in PHP that stores the login/pass and check that against a PHP script stored in the cgi-bin directory (if it is indeed secure) that is pulling user info from the database, at every page load of the CMS. Is that as good as it gets, granted that my code itself is as secure as possible? This is going to be storing a store inventory, and a user would literally get access to be able to delete the entire thing.

#2
CHARLIE DON'T SURF! | Join Date: Jul 2004 | Posts: 777
I will get back to this when I get home. PS: For login, look up crypt. Just compare the hashes when they login.

__________________
In Soviet Russia, Exception throws you!

#3
CHARLIE DON'T SURF! | Join Date: Jul 2004 | Posts: 777
One-way hashes work well for logins. When the user first registers, the password is hashed. The hashed value is stored in the database (server side). When the user goes to login, the user's password is hashed again and compared with the existing hash on the server.

This code works on session IDs; you don't directly mess with cookies. If you want to be REALLY secure, you might want to read and toy with https; otherwise, one-way hashing is pretty good.

Remember, no one sees your PHP code unless they have access (physical or remote) to the server. When someone goes to wtf.com/index.php, the PHP server parses the PHP code and sends only HTML code back to the client. So, your salt or database strings will never be seen.

I assume you know PHP or are learning it - here is the register & login script (along with the dbconnect.php script that is included in these files). Screw PHP tags - I PM'd them to you.
__________________
In Soviet Russia, Exception throws you!

Last edited by Kallian : 06-24-2005 at 02:05 PM.
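The register/login flow described in the post above, written out as an added example; this is not the script that was PM'd in the thread, and it is not code from either poster. It uses password_hash()/password_verify() (PHP 5.5+) in place of a hand-rolled crypt() call, so the salt is generated and stored inside the hash string. The database credentials are assumed to live in a file outside htdocs (the cgi-bin/dbconnect.php path is hypothetical); to run offline it substitutes an in-memory SQLite database for the client's MySQL server, which changes nothing in the login logic. The sample username and password at the bottom are constructed for the demo.

```php
<?php
// Added example, not the thread's PM'd scripts. Assumes PDO with the
// pdo_sqlite driver for the offline demo; the real site would load a
// MySQL DSN/user/password from a file outside the document root, e.g.
//   require dirname(__DIR__) . '/cgi-bin/dbconnect.php';   // hypothetical path
declare(strict_types=1);

function connectDb(): PDO
{
    $db = new PDO('sqlite::memory:');   // assumption: stands in for MySQL here
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE users (
        id INTEGER PRIMARY KEY,
        username TEXT UNIQUE NOT NULL,
        password_hash TEXT NOT NULL)');
    return $db;
}

// Registration: only the one-way hash is stored, never the password.
// password_hash() draws a random salt and embeds it in the result, so no
// separate salt column or hard-coded salt string is needed.
function registerUser(PDO $db, string $username, string $password): void
{
    $hash = password_hash($password, PASSWORD_DEFAULT);
    $stmt = $db->prepare('INSERT INTO users (username, password_hash) VALUES (?, ?)');
    $stmt->execute([$username, $hash]);   // bound parameters, no string-built SQL
}

// Login: fetch the stored hash and let password_verify() re-hash the submitted
// password with the same salt and compare. Returns the user id on success and
// null on failure; unknown user and wrong password are reported identically.
function authenticate(PDO $db, string $username, string $password): ?int
{
    $stmt = $db->prepare('SELECT id, password_hash FROM users WHERE username = ?');
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($password, $row['password_hash'])) {
        return null;
    }
    return (int) $row['id'];
}

// Sessions: the browser only ever holds an opaque session ID, never the
// login/password. Strict mode rejects IDs the server did not issue; the cookie
// is Secure (https only) and HttpOnly (not readable from page scripts).
function startSession(): void
{
    if (session_status() === PHP_SESSION_ACTIVE) {
        return;
    }
    ini_set('session.use_strict_mode', '1');
    session_set_cookie_params(0, '/', '', true, true);   // secure=true, httponly=true
    session_start();
}

// Called once after authenticate() succeeds. Regenerating the ID on privilege
// change defeats session fixation.
function loginSession(int $userId): void
{
    startSession();
    session_regenerate_id(true);
    $_SESSION['user_id'] = $userId;
}

// Every CMS page (edit/add/delete inventory) calls this first and uses the
// returned id; anonymous requests are bounced to the login page.
function requireLogin(): int
{
    startSession();
    if (empty($_SESSION['user_id'])) {
        header('Location: /login.php');   // assumption: login page location
        exit;
    }
    return (int) $_SESSION['user_id'];
}

// Offline demo when run from the command line (php thisfile.php).
if (PHP_SAPI === 'cli') {
    $db = connectDb();
    registerUser($db, 'admin', 'correct horse battery staple');   // constructed sample
    var_dump(authenticate($db, 'admin', 'correct horse battery staple'));
    var_dump(authenticate($db, 'admin', 'wrong password'));
    var_dump(authenticate($db, 'nobody', 'correct horse battery staple'));
}
```

In a real deployment, registerUser() and authenticate() live in a script under htdocs that includes the credentials file from cgi-bin, the login page calls loginSession() on success, and every inventory-editing page starts with requireLogin(). Nothing sensitive is ever written into a cookie; the password exists only in the POST body of the login request, which is why the post's suggestion to run the CMS over https matters.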