Problems? Is your data what you think it is? | |
PerlMonks |
Re: Login and Session Thoughtsby fongsaiyuk (Pilgrim) |
on Dec 04, 2000 at 19:55 UTC ( [id://44799]=note: print w/replies, xml ) | Need Help?? |
If you'd like to dig a little deeper on how perlmonks.org works check out chromatic's discussion
over on everydevel.com. (hopefully this is the same chromatic here! :) )
Anatomy of an Everything Request I know... FMTYRWTK Another method, kinda building on what Fastolfe said, is how the phplib library for PHP works. It sets a unique SessionID in a cookie which is then tied to a record in a SQL database where the session variable are held. The ID is created relatively randomly and then encoded with a "secret password". The password is put into the phplib Session object definition. I'm pretty sure that the md5 algorithm is used in the encoding process. The weakness is keeping the file that contains the secret password safe from the whily crackerz. So, I think, it's like this: md5( <random number> + <secret password>) = SessionID fongsaiyuk
In Section
Seekers of Perl Wisdom
|
|