[HacktionLab] secure php login

yossarian yossarian at aktivix.org
Mon Nov 24 08:05:06 UTC 2014


Whoops, sent that a bit early by accident but you get the drift :).

I think if you don't want lots of framework bloat and are really worried about security, go with the lightest possible framework and then build up a stack of well audited, small, and security focused libraries, glued together by your own code. It's more work, so it kind of depends on the tradeoffs you want to make. 

A list of PHP Sinatra clones is available at http://en.m.wikipedia.org/wiki/Sinatra_(software). I have no idea which are any good, but Slim still seems to be under active development. 




<div>-------- Original message --------</div><div>From: johnc <johnc at aktivix.org> </div><div>Date:21/11/2014  14:27  (GMT+00:00) </div><div>To: hacktionlab at lists.aktivix.org </div><div>Cc:  </div><div>Subject: [HacktionLab] secure php login </div><div>
</div>-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

OK no bitching please ;-) I want to use PHP to create a web frontend for
a system that will handle:
- - secure Login
- - registration
- - password reset
- - password recovery

Further requirements:
- -Secure!!!
- -Reasonably light (not really interested in the bloat of a heavy
framework like cakephp, Zend or similar)
- -PHP only. I don't have time to learn another language currently!
- -GPL licence or similar.
- -Under active development.

This looks promising https://github.com/panique/php-login-advanced  What
do you think?


Looking for suggestions and comments. Many thanks.

Cheers,
John
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/

iQIcBAEBAgAGBQJUb0u2AAoJELy1jPQ1KER7QW4QALTOVZZE3H0PK93g/AK9IUGy
JqnYGQuODI2p0KYYBjTvs37R94NmIw+7nMkFL8FCsqKBdOWotia8h0krCi9bQ1TJ
VJz3shKrg7JC9FLdn5I+Wyu6rMhkww2TyirPaZMUXkGOYxz6ptVsQT9SmIdhJJPH
sb3SVWPFCKxT7MPfEQmIxUEp9wyIl5ZDDCJIfv6vTU1aPwN6+uAYnqTKmHTWaX8e
RnlvFuSoUjHjxtpFduNHi6Z3C1EtBHQk430IYmcxehHPzUVzfK7vLfntltST6NxD
4FH0B9W7sfmhrSAwOLHWVwDqEqhQ4fV0RqAZ+W0JWNPwTeU5gxSeU2FyA5FoIT4S
tb1j28pLEfV1ygQUIcL0QMfbo6MVpJmaS86jGfM7mwQwDs783PqVYbXUKF48T5u1
KS+HRGi8JYlvdm2jYrwvH+AQpDcl9erTxhzu8bTdszvjL2j6gmiE1ZTIvLqu0VpN
p63aJJpZ/aTHLd9+YmDzSnFr3o12Bnr4P0BXwdoz1hf34ANlZxUe48oUQQ1h9ICz
1dur76LU7PY/GSP9og1a+9XbbnKLdJ4eSlUJ5D5lrnY6ur5oy9ytw+uv9x9zPC7y
7Qxpqsax5riuyvKsCsc7pZ0bXwogLLemMwprYFmbum0OEbgLitfl1Rz01YbaiAUl
uIaL3o/wu/8z/TdO6EKg
=MozQ
-----END PGP SIGNATURE-----

_______________________________________________
HacktionLab mailing list
HacktionLab at lists.aktivix.org
https://lists.aktivix.org/mailman/listinfo/hacktionlab
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.aktivix.org/pipermail/hacktionlab/attachments/20141124/37bfc6c3/attachment.html>


More information about the HacktionLab mailing list