sampras's Profile User Rating: -----

Reputation: 0 Apprentice
Group:
New Members
Active Posts:
2 (0 per day)
Joined:
19-February 12
Profile Views:
254
Last Active:
User is offline Jun 05 2012 09:44 PM
Currently:
Offline

Previous Fields

Dream Kudos:
0
Icon   sampras has not set their status

Posts I've Made

  1. In Topic: User Authentication Class

    Posted 5 Jun 2012

    Well, the problem with session is that it destroys when users close their browser.
    In case of sites like Facebook, I have noticed even if you close your browser,
    you still can go back to your account without logining in.

    This shows Facebook is using cookies.
    I would like to learn how to securely implement cookie into my login system?
    My own guess is to:

    1) create random string when user logs in and store in table.
    2)add the user agent to the random string.
    3) hash the coupled string and store in a cookie.
    4) store the user_id and hashed string seperately in login table.

    Then:
    5) every time the user goes to a new page, compare the browser
    Cookie Hash string within the database table if there was a match.
    6) get the random string from table and add it to clients http agent
    And chech to see if it is the same as the string in the cookie.
    7) if everything was a match then allow user into the new page.
  2. In Topic: User Authentication Class

    Posted 28 Apr 2012

    Hi thanks for the greate article, is there a reason why you have avoided using cookies?

My Information

Member Title:
New D.I.C Head
Age:
Age Unknown
Birthday:
Birthday Unknown
Gender:

Contact Information

E-mail:
Private

Friends

sampras hasn't added any friends yet.

Comments

sampras has no profile comments yet. Why not say hello?