Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW
 
PerlMonks  

(joshua) 2Re: (joshua) 2Re: Cookie not being set

by joshua (Pilgrim)
on Jun 24, 2002 at 05:42 UTC ( [id://176693]=note: print w/replies, xml ) Need Help??


in reply to Re: (joshua) 2Re: Cookie not being set
in thread Cookie not being set

I don't want to turn this node into a discussion on web security but...

Here's my setup:

  • Password is stored encrypted using the crypt function w/ a random key in a file on the server outside of the public-viewing.
  • User enters pass in a form.
  • Password is sent to the server in plaintext (not good)
  • Server encrypts the user's entered password and makes sure it matches the one in the file
  • Server sends cookie to browser that contains encrypted password
  • Each time the user wants to go to a different part of the admin, the server checks the password in the cookie to make sure it's correct.
I know this doesn't sound very secure, so I'll look into some of the other methods discussed.
Never fear, these things become second-nature after you work with the Web for a while :)
I'm kind of seeing that...I've come far since I started doing CGI, but I know I have a lot more to learn.

Joshua

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://176693]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others imbibing at the Monastery: (4)
As of 2024-03-29 11:30 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found