Let me rephrase my last question, which library or PHP frame can I use for professional and secure authentication? Extra points if your idea helps implement the functions of the account control panel (change password, change profile).
How do you understand that? Have you ever done strong authentication with PHP?
I personally really like the symfony framework and the sfGuard plugin. It provides a very easy authentication setup. It hashes and salts all passwords and provides an interface for managing users, groups, and permissions.
Symfonys routing and configuration makes it very easy to set a secure flag on every page or even the "area" of your website. I did not have to look elsewhere when creating a secure website.
, , - ulogin.sourceforge.net. , , //. , sql/ldap .. PHP, Cake/CI, .
Drupal? ssl . " " .
ESAPI has a common structure that you can use, it will take a little reinstallation, but it is solid for what you are looking for. And, of course, authenticate via SSL, do not store authentication information on the client, etc.
Source: https://habr.com/ru/post/1771493/More articles:Как я могу сделать свой метод Perl более похожим на лося? - perlC ++: Datatypes, which to use and when? - c ++How can I call a php script from java code? - javaTwitter javascript library showing retweets? - javascriptProtect your PHP file; as? - htmlThe correct way to find out if a service is running as a SYSTEM user is - cHow do Microsoft queries handle data (RDL)? - c #An HTTP module session is not installed on a page without an extension - c #Extract number from day in pl sql - dateПеренаправление с помощью cURL? - phpAll Articles