-3
I would like to know how to create a master password in PHP that can be used to ensure access to a certain resource protected by authentication, independent of the informed user.
1 answer
0
You can create a field in the table with the name senhamestre and when it’s time to make the conditional for the password, make a OR for senhamestre. Thus may one log in with the password value or with the master password.
Browser other questions tagged php
You are not signed in. Login or sign up in order to post.
Have you ever thought of adding an if saying that if the user and password typed were x and y then it is to log in without checking?
– Israel Zebulon
What is the goal (requirement/reason), what have you tried and what difficulties have you encountered? A suggestion: do not do this.
– Caffé
It would be interesting to know the reasons. But I agree with @Caffé, don’t do this, and a bad idea in terms of security.
– Omni
I rewrote the writing of the topic. Now it may even be justified to reopen it, although I agree with the negative reviews.
– Bruno Augusto
I suggest not to mix authentication with authorization: usually when a user is authenticated ("logged in") he is automatically authorized to perform the actions to which he is entitled (i.e. according to his group and/or permissions). But nothing stops you stretching your authorization through a special command (think about the
sudofor example). And if you find it interesting to keep this authorization extended for longer, save in a session variable if user X entered or not with this "master password", and if entered, authorise him to access such resource while the session lasts.– mgibsonbr