Posted by Rik Wasmus on 10/31/07 21:04
On Wed, 31 Oct 2007 21:56:57 +0100, floortje <none@none.none> wrote:
> On 2007-10-31 21:30:58 +0100, "Sanders Kaufman" <bucky@kaufman.net> said:
>>> of the username, ip and supersecret
>>> match the hd5hash in the cookie
>> I use a "loginCookieValue" (UUID) in the users database.
>> Every page-view gets a new one.
>> That way - even if a would-be hacker steals a "session" for one page, it
>> won't be good for the next.
>
> Even better of course, but I'd still check the IP.
Then you'll be quite miserable with, for instance, AOL users. Sometimes
those people seem to change IP (during a session, I might add) due to their
proxy network, I believe...
--
Rik Wasmus
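
The two points made in this thread, as an added example that is not code from any of the posters: a login cookie value that is replaced on every page view, checked with and without a strict IP match. The class, its method names and the in-memory store standing in for the users database are hypothetical, and the IP addresses are constructed documentation-range values.

```python
import hmac
import secrets


class RotatingLoginStore:
    """Hypothetical stand-in for the users table column holding the cookie value."""

    def __init__(self, bind_ip=False):
        self.bind_ip = bind_ip
        self._current = {}  # username -> (current token, IP seen at last request)

    def login(self, user, ip):
        token = secrets.token_hex(16)
        self._current[user] = (token, ip)
        return token

    def page_view(self, user, presented, ip):
        """Return the next cookie value, or None if the request is rejected."""
        record = self._current.get(user)
        if record is None:
            return None
        token, last_ip = record
        # Constant-time comparison; a value from an earlier page view no longer matches.
        if not hmac.compare_digest(token.encode(), presented.encode()):
            return None
        # Strict IP binding: also rejects a legitimate user whose proxy address changed.
        if self.bind_ip and ip != last_ip:
            return None
        new_token = secrets.token_hex(16)
        self._current[user] = (new_token, ip)
        return new_token


def demo():
    results = {}
    store = RotatingLoginStore(bind_ip=False)
    first = store.login("alice", "198.51.100.7")
    second = store.page_view("alice", first, "198.51.100.7")
    # Cookie value captured on the first page is stale once the user has moved on.
    results["replay_rejected"] = store.page_view("alice", first, "203.0.113.9") is None
    # Same user, new proxy address mid-session: accepted without IP binding.
    results["proxy_hop_ok"] = store.page_view("alice", second, "198.51.100.42") is not None
    strict = RotatingLoginStore(bind_ip=True)
    s1 = strict.login("alice", "198.51.100.7")
    # With IP binding the same proxy hop locks the legitimate user out.
    results["strict_rejects_proxy_hop"] = strict.page_view("alice", s1, "198.51.100.42") is None
    return results


if __name__ == "__main__":
    print(demo())
```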