Posted by Andy Pieters on 04/06/05 08:29
I forgot to mention some context related stuff.
1. This is for distribution, so wether or not session will actually be
avaiable is something I cannot know.
> Right now I am giving a trust factor of 80% to POST and 0% on GET. What
> trust factor should I apply to SESSION
2. These trust factors are applied AFTER login verification. (The login is
verified with a cookie that holds a unique id I sent when the user loged on.
This is validated against a database. The unique id's live span is extended
after each request)
Thank you for your input already
Andy
--
Registered Linux User Number 379093
--
Feel free to check out these few
php utilities that I released under the GPL2 and
that are meant for use with a php cli binary:
http://www.vlaamse-kern.com/sas/
--
[Back to original message]
|