Hello all,
I'm in the process of setting up p.mapper for a client who wishes to map
potentially sensitive data to authenticated users.
Users will need to be authenticated against an SQL db residing at
another location so I was looking to steer away from .htaccess based
ideas. If anyone has
you could contact Walter Lorenzetti, afaik he was working on something
like this.
Regarding the map images in the tmp folder: have a look at the file
names (a combination of session ID and time in microseconds) and then
decide if these names are guessable... if you use cookies for sessions