Re: url mangling/rewriting
On Fri, Aug 10, 2001, Tatsuhiko Miyagawa wrote: On Fri, 10 Aug 2001 14:40:13 +0200 David Hajek [EMAIL PROTECTED] wrote: I see. You mean your session state is not stored on the database, but stored as encrypted text in session id itself. Yes, and the problem is whether there is some good algorithm, which will generate this kind of session ids. Security is not main part of this solution, but easy finding of these session ids is not desirable. ;) -- David Hajek [EMAIL PROTECTED] GSM: +420 604 352968 - Hackers of the world, unite!
Re: url mangling/rewriting
I see. You mean your session state is not stored on the database, but stored as encrypted text in session id itself. Yes, and the problem is whether there is some good algorithm, which will generate this kind of session ids. Security is not main part of this solution, but easy finding of these session ids is not desirable. ;) So, it's not really a session ID then; it's your session data. There are tons of two-way encryption modules on CPAN. Try looking at Crypt::CBC. - Perrin