php_mysql_apache [Electronic resources] نسخه متنی

What are the advantages of database files over plain text files for storing user authentication information?

Can you name some disadvantages of HTTP basic authentication?

What function is designed to allow you to set a cookie on a visitor's browser?

Database files are much more scalable because they can be indexed. This means that Apache does not need to read the file sequentially until a match is found for a particular user, but rather can jump to the exact location.

One disadvantage is that the information is transmitted in clear text over the network. This means that unless you are using SSL, it is possible for an attacker to read the packets your browser sends to the server and steal your password. Another disadvantage is that HTTP authentication does not provide a means for customizing the login (except the realm name). It is very common for Web sites to implement custom login mechanisms using HTML forms and cookies.

The setcookie() function allows you to set a cookie (although you could also output a Set-Cookie header using the header() function).

Practice using the various types of authenticationboth server-based and with PHPon your development server. Get a feel for the differences between basic HTTP authentication and something you devise on your own.