Remember to reply all so the list gets your posts as well... [EMAIL PROTECTED] wrote: > At 06:48 PM 8/27/2002 -0400, you wrote: > >> This doesn't sound like a CGI script > > > You're absolutely right. This is my second iteration, I've dropped the > CGI implementation for security reasons and because some users only use > the Net for email. >
Ah. Same rules bascially apply, slightly different interface. >> There are a number of modules for manipulating character delimited >> flat db files, for instance DBI::CSV which may be overkill for your >> app. I would check the CPAN for others or someone else here can >> propose some. > > > Thanks. > >> 1) Can you be *completely* certain that the passwords are unique, this >> seems scary to me depending on the number of records keeping track of >> whether some password has already been used could be a hassle, just a >> question. Using a unique (but hidden) identifier such as an int might >> save hassles in the future. > > > Hmmmm... I'll have to think about this. Fortunately, the database will > be small. With a small DB and depending on how often it changes you may get away with it, and we used to use username/password as a unique identifier and just ran into to many problems with them so we switched to ints, which if you eventually switch to a regular DB or develop other things will speed most engines up. > >> 2) Don't know how secure the data is but sending passwords through the >> subject line could prevent more security in the future as headers >> can't be encrypted by most mailers. If the paths are trusted this is >> obviously not an issue. > > > This is for use by psychotherapists -- not very computer savvy. > Primarily, they just don't want to post their phone numbers on a public > web page. Ah, makes sense. I have encryption on the brain these days (thanks to work) so been thinking at that level. http://danconia.org -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
