comment on

There are a lot more than two ways to store your information (I assume you mean session data). One good way is to use the cookie or hidden field to simply hold onto a session key -- sometimes MD5 encrypted. That key would crossreference a row in a database such as MySQL, in which you keep the session info.

This approach is desirable because it keeps all the information on the server side, instead of trusting the client's browser to pass it back and forth in cookies or hidden fields. Remember that cookies and hidden fields can be manipulated by ill-behaved (or custom) browsers. By keeping the data server-side, and associating it with an MD5 generated session key, you improve security somewhat.

A lot of the legwork is done for you by CGI::Session, and CGI::Session::MySQL. For ID Generators, see CGI::Session::ID::MD5.

Dave

In reply to Re: Security/Ease of use Question by davido
in thread Security/Ease of use Question by Spidy

Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!

Titles consisting of a single word are discouraged, and in most cases are disallowed outright.

Read Where should I post X? if you're not absolutely sure you're posting in the right place.

Please read these before you post! —

Posts may use any of the Perl Monks Approved HTML tags:

a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr

You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)

	For:		Use:
	&		`&`
	<		`<`
	>		`>`
	[		`[`
	]		`]`

Link using PerlMonks shortcuts! What shortcuts can I use for linking?

See Writeup Formatting Tips and other pages linked from there for more info.