[phpgrabcomics-announce] Daily Patch
Brought to you by:
baravalle
Menu
▾
▴
[phpgrabcomics-announce] Daily Patch
|
From: Jim <jw...@ma...> - 2006-12-13 03:48:07
|
Andres: Your daily patch solves a problem I noticed this morning: you were sending passwords over the network in the clear (in the GET line, no less). That's just not kosher: anyone sniffing the air / wire can find it, and anyone standing behind you can just read it in the address bar. Since we have this MD5 function, I decided to MD5 it on the client's end and send the hash over the Internet. Obviously I took out the MD5ing on the server end to compensate. Patch is enclosed. (I also added the copyright line to md5.php as I rewrote most of that file, as per your instructions). -- Jim Wyllie Master's Student IRG Lab, Dept. of EE and CS Ohio University |
