> > I see. You mean your session state is not stored on the database, > > but stored as encrypted text in session id itself. > > Yes, and the problem is whether there is some good > algorithm, which will generate this kind of session > ids. Security is not main part of this solution, but > easy finding of these session ids is not desirable. ;) So, it's not really a session ID then; it's your session data. There are tons of two-way encryption modules on CPAN. Try looking at Crypt::CBC. - Perrin
- Re: url mangling/rewriting David Hajek
- Perrin Harkins