On Sat, 2004-11-06 at 21:38 -0500, Alan Cox wrote: > There are a whole pile of session manager libraries for PHP floating around > and some of them don't suck 8) > Just not acquainted with them, and my métier is servers and networks (i.e. infrastructure) not content so my learning is going slowly. > The linux.org.uk portaloo does the following > > state = [array of things we need to remember] + timestamp > md5sum (state, secret) > cookie = md5result + state > > that gives you rather hard to fake browser kept state very easily > Alan, thanks for the feedback and the comments. Would you mind going into a little more 1-2-3 detail here? I can understand the *concept* of what you are saying, but am utterly helpless to move forward with it given my current level of knowledge. I've been wanting to do this for *months* and simply don't have anywhere near the skillset required, which is why I decided to outsource it or get help with it. Any comments welcome... but please, do take into account that as far as PHP and friends go I am still at Level 1. Thanks! -- Rodolfo J. Paiz <rpaiz@xxxxxxxxxxxxxx>
Attachment:
signature.asc
Description: This is a digitally signed message part