in reply to How can I prevent login information from appearing in the URL?
I suggest using server side sessions since you
have to exchange only a session ID with the client.
(the session ID can be expired once the session terminates)
the Session ID can be stored in a cookie (better)
or in the url (only if the client doesn't support cookies)
Apache::Session could be of some help:
it takes care of generating session IDs, storing data
etc... once the session is initialized you can use it
as a normal hash.
you can even store complex data structures
since it uses Data::Dumper
(it doesn't need mod_perl as the name would suggest)
|