Just suggestion but why not use md5($password) and then send the result of
that in your GET?
Adam
On Wed, 21 Aug 2002, Mark McCulligh wrote:
> I have two server. One running PHP/Linux the other running ASP/2000.
> The user logins into the PHP server and session variable
ECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, August 21, 2002 1:30 PM
Subject: Re: [PHP] Passing variables between servers
> Just suggestion but why not use md5($password) and then send the result of
> that in your GET?
>
> Adam
>
> On Wed, 21 Aug 2002, Mark McCullig
Hi !!
I know you said you cont want to use cookies ... I suggest that place
encrypted data in a cookie and in the win2000 machine place a php script
that read the data in the cookie, uncryptit and some how set the info
for the asp script, a plain text file or something ...
I hope this is useful
[snip]
I thought about encrypting the whole querystring then decrypting it on the
other server, but I wanted to keep the address bar clean. I wanted the user
not to know they just got passed. If all a sudden there was a lot of data
in the address bar they will wonder what it is for.
[/snip]
How
MD5 is a one-way hash. There is no way to get information back out of it.
If he keeps a copy of the hash locally to comare instead of the original
password, this is still as vulnerable as using the original password in this
case. The only thing it would protect from is making available the origi
www.SykesCanada.com
[EMAIL PROTECTED]
- Original Message -
From: "Jay Blanchard" <[EMAIL PROTECTED]>
To: "'Mark McCulligh'" <[EMAIL PROTECTED]>; "'Adam Williams'"
<[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, Au
6 matches
Mail list logo
