Perl Monk, Perl Meditation | |
PerlMonks |
Re: Implementing Cookiesby JPaul (Hermit) |
on Nov 20, 2001 at 19:50 UTC ( [id://126528]=note: print w/replies, xml ) | Need Help?? |
Given, whenever I do session handling, users have an account with the service - but; I will take their service username and combine it with a random string (Normally the MD5 of my /etc/passwd, just as a little joke), from that I produce another MD5 checksum and store it in the cookie like so: filmo:3d42e7ab7cd3f127cda36ed2512eb4c6
The MD5 checksum allows me to verify (in a relatively secure manner) that the username stored in the cookie is the one I assigned to that cookie in the first place. Someone has already mentioned that IPs aren't a particularly affective way of tracking user sessions. I would agree with this, multiple cache proxies are often implemented at large ISPs, and this will make your IP address often times rather redundant.
JP,
In Section
Seekers of Perl Wisdom
|
|