Beefy Boxes and Bandwidth Generously Provided by pair Networks
The stupid question is the question not asked

Re: Login and Session Thoughts

by fongsaiyuk (Pilgrim)
on Dec 04, 2000 at 19:55 UTC ( #44799=note: print w/replies, xml ) Need Help??

in reply to Login and Session Thoughts

If you'd like to dig a little deeper on how works check out chromatic's discussion over on (hopefully this is the same chromatic here! :) )

Anatomy of an Everything Request

I know... FMTYRWTK

Another method, kinda building on what Fastolfe said, is how the phplib library for PHP works. It sets a unique SessionID in a cookie which is then tied to a record in a SQL database where the session variable are held. The ID is created relatively randomly and then encoded with a "secret password". The password is put into the phplib Session object definition. I'm pretty sure that the md5 algorithm is used in the encoding process. The weakness is keeping the file that contains the secret password safe from the whily crackerz.

So, I think, it's like this: md5( <random number> + <secret password>) = SessionID


Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://44799]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (2)
As of 2019-08-25 02:58 GMT
Find Nodes?
    Voting Booth?

    No recent polls found