AUTH_MD5 is a client- and server-based
authentication framework with a PHP and JavaScript
class and challenge-response scheme. The server
generates for each request a new challenge, stores
it in the session, and transmits it to the client.
If the client connects for the first time, the
server stores its IP address in the session. The
client generates the md5 based on the password of
the login form and the challenge, and sends it
together with the login to the server. Then the
server computes a md5 from the stored challenge
and the password and compares it with the md5 from
the client. If they match, the user is
authenticated. For each following request of the
client the md5 of password and challenge will be
checked.
FreeVersion: n/a Platform(s): All Updated:
August 24, 2008