in reply to Implementing Cookies

I wouldn't use IP addresses for tracking users ( or session ids based on them for that matter) as they can change between visits for returning users (for those of us on dial up accounts). Apparently they even change between page requests for aol users due to proxys.Also with the use of proxys many users could be seen to originate from the 1 IP address.

I'd generate as session ID , fairly long and random , and store it as the key to a DB and in the cookie.

Then when the user visits lookup the key in the DB and get/set any info that you need to.

Replies are listed 'Best First'.
Re: Re: Implementing Cookies
by drifter (Scribe) on Nov 20, 2001 at 17:25 UTC
    Yes, this is the way I solved a similar problem, I used Apache::Session::Generate::MD5 to get random enough data, but I guess "there's more then one way to do it". Just keep in mind that Cookies have a limit of chars they can hold in the value field which is AFAIK 255, so creating too long random data might not be what you want.
[reply]

In Section Seekers of Perl Wisdom