I am attempting to build a secure login system. Upon successful login each user (4 user levels) will be directed to the specific area of the site. I have built most of the forms these users will be working with. The information on this site is sensitive, so I have been researching MD5 encryption, sessions, and cookies. I will need to track user actions throughout the site. Basically when users add/modify/update information in the database, I want to know who did it and when they did it. I am hoping this can be accomplished using sessions with php and mysql. The system should also keep record of every time a person logs in. I have downloaded scripts, searched the web, php.net and can't seem to understand the correct and most secure way to make this happen. Please advise me on the proper way to accomplish this, or direct me to a solid tutorial.
Well, the first thing you need to understand is that MD5 is not encryption, but a hashing algorithm.
You also have to balance security for the application. Depending on the sensitivity of the information, you may need more or less "paranoid" security. You don't want to overdo the security.
By default, sessions in PHP are not very secure. For example, the default location for session files is /tmp -- which is generally open on systems. Which means that anyone that has access to the system can read your session files (or delete them).
What you should start off with is to take the proper security measures against the most common types of flaws in not only PHP, but many server-side scripts (see this guide).
Second, you should list down the different security roles (domains) that the program should have to deal with. For example, what level of security will each user role have? Plan this out on paper first.
In addition, write your own session handlers, or at a minimum, move the session store location to somewhere secure.
Also -- this is a very common problem that I see in 99% of the scripts -- only give the minimum permissions required to your database user that is being accessed by the script. For example, there is no need for the database user that PHP is using to have DROP permissions if all you are doing is printing a report from a table. If you give the minimum permissions, then if the script is compromised, there is some limit to the damage that a hacker can do using that script (at least to your database).
There are other measures that you can take, but like I mentioned earlier, it all depends on the value of security vs. data. Start with the guide I posted, and come back if you have other questions.
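One way to do the minimum suggested in the answer above (moving the session store out of /tmp), as an added example that is not part of the original thread. The directory path and the function names are assumptions, and the cookie settings assume the site is served over HTTPS on PHP 7.3 or later.

```php
<?php
declare(strict_types=1);

// Assumed location: outside the web root and outside the shared /tmp directory.
const SESSION_DIR = '/var/lib/myapp/sessions';

// Create the directory if needed and make sure only the owner can use it.
function prepare_session_dir(string $dir): void
{
    if (!is_dir($dir) && !mkdir($dir, 0700, true)) {
        throw new RuntimeException("cannot create session directory: $dir");
    }
    clearstatcache(true, $dir);
    $mode = fileperms($dir) & 0777;
    // Any group/other bit means other local accounts could list or read session files.
    if (($mode & 0077) !== 0 && !chmod($dir, 0700)) {
        throw new RuntimeException("session directory is accessible to other users: $dir");
    }
    if (!is_writable($dir)) {
        throw new RuntimeException("session directory is not writable by PHP: $dir");
    }
}

// Point PHP's file-based session handler at the private directory, then start.
function start_private_session(string $dir = SESSION_DIR): void
{
    prepare_session_dir($dir);
    session_save_path($dir);
    ini_set('session.use_strict_mode', '1');  // reject IDs the server did not issue
    ini_set('session.use_only_cookies', '1'); // never accept a session ID from the URL
    session_set_cookie_params([
        'lifetime' => 0,
        'path'     => '/',
        'secure'   => true,   // assumption: HTTPS only
        'httponly' => true,   // not readable from JavaScript
        'samesite' => 'Lax',
    ]);
    session_start();
}

// Call after credentials have been verified: issue a fresh session ID and
// record who logged in and when, which later audit entries can reference.
function mark_logged_in(int $userId, string $role): void
{
    session_regenerate_id(true); // true = delete the old session file
    $_SESSION['user_id']  = $userId;
    $_SESSION['role']     = $role;
    $_SESSION['login_at'] = time();
}
```

On shared hosting the directory must be owned by the account PHP runs as; if PHP runs as a common web-server user for every customer, a 0700 directory still does not separate tenants from each other.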
Easy answer: no, because if they can still get to one script, they can still include everything.
I don't believe that it's possible to make anything 100% secure. I think you have to think about raising it; for example, make sure folder permissions are set correctly. If it's set at 777, does it NEED to be 777, or would, say, 755 do the job for you?
To have it outside your web directory helps a little, but make sure that your scripts are the only ones that can access it.
If it is in a shared environment, it is almost impossible to make things 100% secure from other people who have access to that server. However, things like phpsuexec and open_basedir go a long way to helping security.
Our Lampshade framework handles most of this for you. (If I had to code it for each project I've done, I'd be a wreck.) It uses SHA-1 instead of MD5 for a more secure hash, as well. There's a free version on our site for non-commercial use: