K
krakle
I'm creating members only service with perl (I will be using mod_perl)
for a busy web site. I need to create a Members Area that is pass
protected.
Originally I wanted to generate a random SID upon logging in and
storing the SID in mySQL and also creating a cookie on the users
computer to 'keep the user logged in'. However, I was told using
cookies may not be a good idea. So the idea of storing the SID in the
URL or hidden inputs arised. I really do not want to do this.
Is there anyways I can implement a password protected members area
with perhaps a persistent session without the use of cookies? Any
implementation ideas? I've seen sites like FaceTheJury.com which
validates a login and they don't have SIDs in the URL or cookies
created for this purpose.
Please don't suggesst .htpasswd it is out of the question being that
it does linear style lookups and I need more control over the
sessions.
for a busy web site. I need to create a Members Area that is pass
protected.
Originally I wanted to generate a random SID upon logging in and
storing the SID in mySQL and also creating a cookie on the users
computer to 'keep the user logged in'. However, I was told using
cookies may not be a good idea. So the idea of storing the SID in the
URL or hidden inputs arised. I really do not want to do this.
Is there anyways I can implement a password protected members area
with perhaps a persistent session without the use of cookies? Any
implementation ideas? I've seen sites like FaceTheJury.com which
validates a login and they don't have SIDs in the URL or cookies
created for this purpose.
Please don't suggesst .htpasswd it is out of the question being that
it does linear style lookups and I need more control over the
sessions.