Perl-Sensitive Sunglasses | |
PerlMonks |
Re: How to make a secure websiteby Anonymous Monk |
on Jul 09, 2004 at 16:03 UTC ( [id://373185]=note: print w/replies, xml ) | Need Help?? |
A good session-id would be constructed like this: choose a few (around 70) strings at random place username,IP,user-agent among them calculate the Digest::MD5 from their concatenation prepend this and the (entered) password to each of them sort these (combined) strings by their Digest::MD5 concatenate the original strings in this sorted order calculate the Digest::MD5 of this concatenation and use it as session-id place the original strings at key session-id into the database
In Section
Seekers of Perl Wisdom
|
|