|
PHP - Which Is Safer?
I have a login with a username and password. Which of these is safer?:
- Storing the username and password as cookies (the password is hashed and salted before storing it as a cookie) - Storing just a token as a cookie which is checked against users in the database and retrieves the information Similar TutorialsI was using Include() with an ereg expression to strip all harmful characters out of the $_GET['id'];. However, a few people have stated to me that no matter what I do this function is not safe to use and is easily exploitable even after removing illegal characters from $_GET['id']; Now I am looking for a way to include a web page that uses html and php. file() does not work as it includes my php code within the output so anyone can read it. File_get_contents() did not display any of the page whatsoever. |
|||||||