Greetings, list!For the sake of security I have been looking for a way to increase thelength of the session id from 8 characters to something longer. Unfortunately, this doesn't seem to be addressed anywhere in thedocumentation or the list archive. I have also noticed by visiting a few of the sites in the "hall of fame" that they also use 8-character sessionid's. Is there any configuration or setting that may address this?Thanks.
From what I can see in the code the session id is assigned in Vend/Session.pm by : $Vend::SessionID = random_string();
random_string sub is found inVend/Util.pm And there it says:
sub random_string {
my ($len) = @_;
$len = 8 unless $len;
my ($r, $i);
$r = '';
for ($i = 0; $i < $len; ++$i) {
$r .= substr($random_chars, int(rand(length($random_chars))),
1);
} $r;}
As there is no parameter passed to random_string it takes 8 ... It could be something relatively simple to make configurable I suppose? CU,
Gert _______________________________________________ interchange-users mailing list suppressed http://www.icdevgroup.org/mailman/listinfo/interchange-users
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.