I have got a login function where I have added a is_numeric to check if id is a numeric I think might help for a bit of added extra security
I have other features but is that a good and is there any thing else you would recommend?
Also is hash_hmac and hash sha512 good for passwords if I choose to use them currently I have been using password_hash()
I have other features but is that a good and is there any thing else you would recommend?
Also is hash_hmac and hash sha512 good for passwords if I choose to use them currently I have been using password_hash()
PHP Code:
public function login($customer_id, $remember = TRUE) {
if(!$this->is_logged_in()) {
if (is_numeric($customer_id)) {
$set_session_userdata = array(
'customer_id' => $customer_id,
'is_logged_in' => TRUE
);
$this->CI->session->set_userdata($set_userdata);
if ($remember) {
$this->create_autologin($customer_id);
}
} else {
$this->logout();
}
}
}
public function logout() {
$this->CI->session->unset_userdata('customer_id');
$this->CI->session->unset_userdata('is_logged_in');
$this->delete_autologin();
}