Posts Tagged ‘authentication’
Security
Posted by AI Dating | Filed under Developments, Web Development
Since a dating site deals with extensive user data, security might be an issue. Although from the ethics perspective people will agree on the fact that the supplied information becomes property of the application and/or organizations around it. Just like on MySpace and other social profile equivalents. However the data gathered should also be stored in a secure way so that other users can’t access it when they don’t have permission to get it.
So I looked into authorisation systems. Some scripts are now secured using the apache authorisation module (.htpasswd). However for the user pages I needed an authorisation script that is secure and provides people with a login and sessions so they can stay logged in for some time. Many scripts were available but I decided to go with the Auth extension of Pear. For which an installation of Pear is also a prerequisite. So today I installed PEAR and I am experimenting with the offered authorisation options and how to implement those. Good authentication is a necessity especially since AJAX requests are quite vulnerable to misuse. Tomorrow I will look into how to store the user data. PEAR is also used for the database abstraction layer and might be used for other functionality that will be implemented.
Creating a secure PHP login script
Creating a secure PHP Login Script
Pear