Guillaume Dupuis <mailto:[EMAIL PROTECTED]>
We currently have 3 php servers. Can we use the same SessionID to connect across the 3 systems? If not, what would you suggest to minimize the number of login prompts, while keeping secure?
Here's an idea (whether or not it's a good idea is another story):
Store the username+password as an MD5 hash in a cookie, also store the user id. Then on the other servers you can read the user id and use that to pull out the username and password hash (you do hash your passwords within the database right?) from a database and then hash those two and compare the result with the cookies info.
I think you missed the part where he said "while keeping secure"... :)
Storing something like this in a cookie is in no way secure.
-- ---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
