Yes, Wiggins and Sean, thank you! That was just the information I needed to point me off in the right direction.
Thanks again. - Bryan >> >> >> I'm still very much a beginner, but I'm starting to see how establishing a >> concept of sessions could be quite handy for my website. So I was > thinking >> of coming up with session ids, which could be some encoded combination of >> their ip address, user name, and the date/time of that session's > start. The >> server would embed the session id into hidden fields or cookies, and > use it >> to determine which areas of the site are available to that user. >> >> Is this a common thing to do? Am I on the right track with this? And if >> so, does perl offer an easy way to encode those three things into a string >> of apparent gobbledygook and back? >> >> TIA. >> >> - Bryan > > This is discussed frequently on this list and is mostly a matter of > preference and/or user demands on how you implement it, aka cookie/url > munging, session ids/user authentication, etc. You should check the > archives for past discussion. > > Apache::Session in particular is highly regarded, though there are other > modules available on CPAN. > > Questions, yes it is a very common thing to do, yes you are on the right > track, and if you want to mess with the lower level yourself, doing > SHA1/MD5 hashes are probably the easiest (to me), aka encode the data > give it to the client, then during the next request re-encode the data > and compare the two. > > I would suggest avoiding doing anything with IP addresses completely as > they are not consistent from user request to request because of things > such as proxies. > > HTH, > > http://danconia.org -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] <http://learn.perl.org/> <http://learn.perl.org/first-response>
