Of cause, Cookies can help, if you want some modules can deal with cookies, look at : http://search.cpan.org/search?mode=module&query=Cookies But how to let the cookies becomes a reliable issue, that depends how you design on it.
But the concept on using cookies is somewhat talking about GET something from client and verfiy something at server. In case, there is also like http://yoursite.tld/script.pl?usr=xxx&pass=xxx&page=somepage however, the user name and pass can be encrypted by ip, time, etc. and let this encrypted string ( usr=xxx&pass=xxx )becomes a key for this attemp. So even other can get the url, but due to different ip, time, etc., they can't get grant to access. Of cause, this key have to be killed, expried when user logout or after a period of time. Then your job is to design your enc. and dec. methods. Check the %ENV values, and you may dig something out from clients, can help for your design. Rgds, Connie ----- Original Message ----- From: "Yupapa" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, July 27, 2002 1:34 PM Subject: Advice > Hi, > > I have a script that allows my users to login. The script checks for valid > username and password. After that, it will then redirect to a url > containing the valid username and password and those variables are converted > to hexadecimal. The problem is that if the user gives out the url to > someone, he/she can login to his account. Do you have any idea how to solve > this problem? I prefer not to use .htaccess for my login script. > > If you think it works with cookie and session, could you please give me an > example? I am not familiar with those. > > > -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
