On 8/11/10, Michael Rosenthal rosenthal3000@googlemail.com wrote:
It's maybe not the best idea to authenticate using get (hint: the super secret password is stored in web server logs (I'm not sure but I think they are (partially?) available to public)).
It seems that all people who have access to the logs also have access to the db table.