Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW

Re: Login and Session Thoughts

by fongsaiyuk (Pilgrim)
on Dec 04, 2000 at 19:55 UTC ( #44799=note: print w/replies, xml ) Need Help??

in reply to Login and Session Thoughts

If you'd like to dig a little deeper on how works check out chromatic's discussion over on (hopefully this is the same chromatic here! :) )

Anatomy of an Everything Request

I know... FMTYRWTK

Another method, kinda building on what Fastolfe said, is how the phplib library for PHP works. It sets a unique SessionID in a cookie which is then tied to a record in a SQL database where the session variable are held. The ID is created relatively randomly and then encoded with a "secret password". The password is put into the phplib Session object definition. I'm pretty sure that the md5 algorithm is used in the encoding process. The weakness is keeping the file that contains the secret password safe from the whily crackerz.

So, I think, it's like this: md5( <random number> + <secret password>) = SessionID


Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://44799]
[usemodperl]: perl is not broken, perl is being broken by the web being broken by https, for the love of banking apps on free wifi at coffee shops or something...
[Veltro]: Wondering, would it be so hard to write a small application that you can access using http which forwards the request over web ussing ssl?
[Veltro]: are there not even tools for that?
[usemodperl]: the breakage is so fresh i guess not, so it's up to us! :-)
[usemodperl]: someone has yet to make that future famous free http to https proxy written in perl and supported by ads, paypal, patreon, etc to make millions of dollars a minute!
[Veltro]: Why would this be fresh, I recon this is stuff that happens all the time (not Perl per se)
[Corion]: usemodperl: I'm sure you could even code that on the command line.
[usemodperl]: definitely

How do I use this? | Other CB clients
Other Users?
Others musing on the Monastery: (9)
As of 2018-06-24 17:00 GMT
Find Nodes?
    Voting Booth?
    Should cpanminus be part of the standard Perl release?

    Results (126 votes). Check out past polls.