• caglararli@hotmail.com
  • 05386281520

Session management and login PHP scripts

Çağlar Arlı      -    5 Views

Session management and login PHP scripts

I want to write login scripts for clients websites to make them more secure. I want to know what best practices I can implement into this. There are password protected control panels in abundance, but very few seem to implement best practices in terms of code writing, speed and security.

I will be using PHP and a MySQL database. I used to use PBKDF2 and bcrypt for hashing. I use MVC for design pattern.

Some login scripts log the IP address throughout the session or even the user agent, but I want to avoid that as it isn't compatible with proxy servers.

I am also a little behind the best practices for using sessions in PHP 5, so some best practices with this would be helpful, and also an example would be very helpful.