Specifications
PHP AND MYSQL WEB DEVELOPMENT
Authentication Principles ....................................................................291
Using Authentication ..........................................................................292
Encryption Basics ..............................................................................293
Private Key Encryption ......................................................................294
Public Key Encryption ........................................................................295
Digital Signatures ..............................................................................296
Digital Certificates ..............................................................................297
Secure Web Servers ............................................................................298
Auditing and Logging ........................................................................299
Firewalls ..............................................................................................300
Backing Up Data ................................................................................301
Backing Up General Files ............................................................301
Backing Up and Restoring Your MySQL Database ......................301
Physical Security ................................................................................302
Next ....................................................................................................302
14 Implementing Authentication with PHP and MySQL 303
Identifying Visitors ............................................................................304
Implementing Access Control ............................................................305
Storing Passwords ........................................................................308
Encrypting Passwords ..................................................................310
Protecting Multiple Pages ............................................................312
Basic Authentication ..........................................................................312
Using Basic Authentication in PHP ....................................................314
Using Basic Authentication with Apache’s .htaccess Files ................316
Using Basic Authentication with IIS ..................................................319
Using mod_auth_mysql Authentication ............................................321
Installing mod_auth_mysql ..........................................................322
Did It Work? ..................................................................................323
Using mod_auth_mysql ................................................................323
Creating Your Own Custom Authentication ......................................324
Further Reading ..................................................................................324
Next ....................................................................................................325
15 Implementing Secure Transactions with PHP and MySQL 327
Providing Secure Transactions ..........................................................328
The User’s Machine ......................................................................329
The Internet ..................................................................................330
Your System ..................................................................................331
Using Secure Sockets Layer (SSL) ....................................................332
Screening User Input ..........................................................................336
Providing Secure Storage ..................................................................336
Why Are You Storing Credit Card Numbers? ....................................338
xiv
00 7842 FM 3/6/01 3:38 PM Page xiv