cool... I'm trying to make this as secure as possible without binding myself to one webserver.. (ie apache with apache::session) so I want the session to expire within 15 minutes without use.. I am not using cookies.. only ID passed as form parameter thought all links and forms. CGI::Session is going to be using MySQL with password protection. (I'm using files until I get it all setup)... Is there anything else I can do to improve reliability and security of this? Later on, I will probably convert this thing to mod_perl... it shouldn't require too many changes.. and it will make some of the code redundant. I love the layout.. it took awhile to get used to it.. but now I have the framework setup.. extending this app is a breeze.. I love CGI::Application.. its probably the most useful module I've used.. HTML::Template is pretty cool too. Those two with CGI::Session really are designed for each other... Good stuff :-) rgds Frank -----Original Message----- From: William McKee [mailto:suppressed Sent: Tuesday, 17 December 2002 9:49 PM To: Franki Cc: suppressed Subject: RE: [cgiapp] logging in with CGI::Session and CGI::Application On 17 Dec 2002 at 21:40, Franki wrote: > I am already using CGI::Session Good choice. I use CGI::Session as well. > One thing though.. sort OT.. have I got the expiry set correctly above? > expire=>'+15m' I am not sure its working correctly. I don't use this feature but Sherzod reads this list and will hopefully post a reply for you. If not, try emailing him directly. William -- Lead Developer Knowmad Services Inc. || Internet Applications & Database Integration http://www.knowmad.com --------------------------------------------------------------------- Web Archive: http://www.mail-archive.com/suppressed/ To unsubscribe, e-mail: suppressed For additional commands, e-mail: suppressed
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.