Back to Vincent's original request about session id and login: how secure is
your session id? Have you signed it? If not, someone can try to sending
random IDs and break your authentication.
Well, if you sign it and sign it properly, you basically end up with the
same idea in those "Authen + Ticke
On Sat, Jul 16, 2011 at 1:01 PM, Vincent Veyron wrote:
> As I said, I replaced the call to tie with :
>
> $r->pnotes('session' => Storable::retrieve($session_file));
>
> where $session_file again is retrieved from the cookie.
>
> What I can't find out is : how do I store %session into a database
>
Le vendredi 15 juillet 2011 à 17:59 -0400, Perrin Harkins a écrit :
> I think you're misunderstand. Storable doesn't do this for you. The
> idea is you could capture the session in a variable and write that to
> a database.
>
Let me explain; I used to do :
tie %session, 'Apache::Session::Po
