I have written some code to secure the database administration scripts I use to manage my books database. Now my simple web application has a log in page and you cannot access any other pages without a valid log in. All of the database administration pages are written in PHP and they allow me to manage a table in this web site’s MySQL database.
I could not write my code as elegantly as I would have liked. PHP handles sessions in a peculiar fashion and I had to set the directory where it can save a file for a session. I did not like that. ASP does not use files to manage sessions. Now I have a directory that is collecting files every time I start a session.
Also, the PHP method for doing a redirect does not work very well. It was doing the redirect regardless of the condition that my code was testing. I had to use JavaScript to change the window location.
It works but I plan to spend some more time trying to improve the code because this is a fairly typical requirement for any web application.
2 Responses to PHP Secure Administration Scripts