<p>Bit late for my answer, but I'll post anyway and I know this doesn't directly answer the question but it is related nonetheless. Here are a few points about login security.</p>
<p><strong>Remember Me</strong></p>
<p>You are best to re-hash the hashed password, and store the rehash in the cookie used to automatically log the user in. When you rehash the password, use something specific to the browser as a seed such as the browser type. This will help prevent the cookie being stolen (via people snooping on the network traffic). This helps prevent any chance of using rainbow tables.</p>
<p><strong>Sessions</strong></p>
<p>Be aware of session hijacking: <a href="http://en.wikipedia.org/wiki/Session_hijacking" rel="nofollow">http://en.wikipedia.org/wiki/Session_hijacking</a></p>
<p><strong>CSRF</strong></p>
<p>Cross Site Request Forgery - Implemented after you login, but something to be aware of since it only affects logged in members: <a href="http://en.wikipedia.org/wiki/Cross-site_request_forgery" rel="nofollow">http://en.wikipedia.org/wiki/Cross-site_request_forgery</a></p>
<p><strong>HTTPS</strong></p>
<p>HTTPS should be used on the page the login request is being sent to - it does NOT have to be on the page you are typing your login details on!</p>
<p><strong>Hashing</strong></p>
<p>You can hash a password client side using JavaScript which would only serve to protect members from having their passwords stolen while transferring them over the network when not using HTTPS. This is good because many people often use the same password for many sites. The disadvantages are: you can't check password length server side &amp; they can't log in if JavaScript is disabled (though you can program around that to a degree). Yahoo used to (might still do) do this years ago.</p>
<p>When you receive the password on the server it is often rehashed using a seed and stored in the database. This is more secure as even if people know the hash, they still can't login! Only the original password will rehash to the same hash letting the user login.</p>
<p><strong>Keyloggers</strong></p>
<p>If you want to get around keyloggers (or most of them) you can do so by adding a JavaScript keypad / keyboard. The user then clicks the letters and numbers to enter their password using the mouse instead of the keyboard meaning the keylogger has a hard time logging the password.</p>
<p><strong>Know Something, Has Something, Is Something</strong></p>
<p>The three levels of security. Something someone knows such as a password, something someone has such as a phone (Google completes these first 2 using 2 step verification), and something someone is such as a finger print. The more of these you fulfill the greater your security credentials are - by a long shot!!!</p>
<p><strong>Bots</strong></p>
<p>Computers sometimes try to brute force a fast login page (must be fast as if the password is incorrect and the script pauses for even just 1 second, that greatly reduces the total login attempts a bot can make). To help stop this you can either pause an incorrect login for 1 or 2 seconds (like Linux does) or you can produce a captcha that bots have a hard time solving after X incorrect logins (like Google does).</p>
<p>Those are the main points, but I'm sure there are others.</p>
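The server-side hashing point ("rehashed using a seed and stored in the database", so that knowing the stored hash is not enough to log in) and the Bots point (pause after a wrong password, demand a captcha after X failures) from the answer above, as an added Python example that is not part of the answer or of any project it mentions. It interprets the answer's "seed" as a random per-user salt fed to PBKDF2, compares hashes in constant time, and applies a constructed throttling policy; the `LoginThrottle` class, the storage string format, the 1-second-per-failure delay, the captcha threshold of 5 and the 15-minute window are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
import time
from typing import Dict, List, Optional

# Assumed work factor for PBKDF2-HMAC-SHA256; tune upward for production hardware.
PBKDF2_ROUNDS = 200_000


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return 'pbkdf2_sha256$<rounds>$<salt hex>$<digest hex>' for storage.

    A fresh random salt per user means two users with the same password get
    different stored hashes, which is what defeats precomputed rainbow tables.
    (Storage format is an assumption for this example.)
    """
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return "pbkdf2_sha256${}${}${}".format(PBKDF2_ROUNDS, salt.hex(), digest.hex())


def verify_password(password: str, stored: str) -> bool:
    """Recompute the hash with the stored salt and compare in constant time.

    Only the original password reproduces the stored digest; the digest alone
    cannot be submitted as a password, which is the answer's point.
    """
    try:
        algo, rounds, salt_hex, digest_hex = stored.split("$")
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(digest_hex)
    except ValueError:
        return False  # malformed record: treat as a failed check, never as success
    if algo != "pbkdf2_sha256":
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, int(rounds))
    return hmac.compare_digest(candidate, expected)


class LoginThrottle:
    """Per-account failure tracking (constructed policy, an assumption of this example):

      * each consecutive failure inside `window` seconds adds `base_delay` seconds
        of pause before the server answers the next attempt;
      * once `captcha_after` recent failures are reached, a captcha is required;
      * a successful login clears the account's counter.
    """

    def __init__(self, base_delay: float = 1.0, captcha_after: int = 5, window: float = 900.0):
        self.base_delay = base_delay
        self.captcha_after = captcha_after
        self.window = window
        self._failures: Dict[str, List[float]] = {}

    def _recent(self, username: str, now: float) -> List[float]:
        # Drop timestamps older than the window and keep the pruned list in place.
        stamps = [t for t in self._failures.get(username, []) if now - t < self.window]
        self._failures[username] = stamps
        return stamps

    def record_failure(self, username: str, now: float) -> None:
        self._recent(username, now).append(now)

    def record_success(self, username: str) -> None:
        self._failures.pop(username, None)

    def decision(self, username: str, now: float) -> dict:
        n = len(self._recent(username, now))
        return {
            "failures": n,
            "delay_seconds": self.base_delay * n,
            "require_captcha": n >= self.captcha_after,
        }


def attempt_login(stored_hash: str, username: str, password: str,
                  throttle: LoginThrottle, now: Optional[float] = None) -> dict:
    """Check the password, update the throttle, and report what the server should do.

    The caller is expected to sleep for `delay_seconds` (or serve a captcha when
    `require_captcha` is set) before sending the response; a real endpoint would
    also refuse to verify the password at all while a captcha is outstanding.
    """
    now = time.time() if now is None else now
    ok = verify_password(password, stored_hash)
    if ok:
        throttle.record_success(username)
    else:
        throttle.record_failure(username, now)
    return {"ok": ok, **throttle.decision(username, now)}


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")  # constructed sample credential
    guard = LoginThrottle()
    for guess in ["password", "letmein", "correct horse battery staple"]:
        print(guess, "->", attempt_login(record, "alice", guess, guard))
```

The delay grows linearly with recent failures, so an attacker cannot simply retry at wire speed, while a legitimate user who mistypes once waits a single second; the counter is keyed by account, which is the variant the answer describes (per-IP counting is a separate decision).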