in reply to CGI::Application redirecting from one handler to another.

Sure, do an MD5 of the password -- you never want to have the password going anywhere in plaintext. If the password passes your 'tough enough' rules, MD5 it, re-direct to the place where you add the new user and password to the database, and continue.

Later, you should be able to log in using the same MD5 operation on the same password.

Am I missing something obvious?

Alex / talexb / Toronto

Life is short: get busy!

Re: Re: CGI::Application redirecting from one handler to another.
by skx (Parson) on Jan 02, 2004 at 17:47 UTC

    The problem is that even if the password is hashed, the redirect will lead to a URL that is visible to the user.

    Which means that they could cheat and bookmark this in the future to create arbitrary unvalidated accounts - now at the moment I have a simple scheme to avoid this with the use of sessions, but making this less visible would be a good thing.

    Steve
    ---
    steve.org.uk
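
One way to make a bookmarked redirect URL useless, as an added example that is not code from the thread and not Steve's own session scheme: the validated data stays in the server-side session and the URL carries only a single-use, expiring token. The function names, the `%session` hash standing in for the session store, the five-minute lifetime and the use of `/dev/urandom` are assumptions.

```perl
use strict;
use warnings;

my $TOKEN_TTL = 300;    # assumption: seconds the redirect stays valid

# Called by the validating run mode once the 'tough enough' checks pass.
# The validated data stays server-side; only the random token goes in the URL.
sub issue_token {
    my ($session, $username, $now) = @_;
    open my $fh, '<:raw', '/dev/urandom' or die "no entropy source: $!";
    read($fh, my $raw, 16) == 16 or die "short read from /dev/urandom";
    close $fh;
    my $token = unpack 'H*', $raw;
    $session->{pending} = { token => $token, user => $username, expires => $now + $TOKEN_TTL };
    return $token;
}

# Compare without stopping at the first differing character.
sub constant_time_eq {
    my ($x, $y) = @_;
    return 0 if length($x) != length($y);
    my $diff = 0;
    $diff |= ord(substr($x, $_, 1)) ^ ord(substr($y, $_, 1)) for 0 .. length($x) - 1;
    return $diff == 0;
}

# Called by the account-creating run mode before it touches the database.
# Returns the validated username, or undef if the request must be refused.
sub redeem_token {
    my ($session, $token, $now) = @_;
    my $pending = delete $session->{pending};    # single use: gone after one attempt
    return undef unless $pending && defined $token;
    return undef if $now > $pending->{expires};
    return undef unless constant_time_eq($token, $pending->{token});
    return $pending->{user};                     # create this account and no other
}

# Constructed walk-through: %session stands in for the server-side session store.
my %session;
my $token = issue_token(\%session, 'alice', time);
print "first use:  ", (redeem_token(\%session, $token, time) // 'rejected'), "\n";
print "bookmarked: ", (redeem_token(\%session, $token, time) // 'rejected'), "\n";
```

The first call prints the username and the replay prints `rejected`, because the pending entry is deleted on the first attempt.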