I
ioneabu
I have been using Apache:Session:MySQL for generating session ids in my
attempts at creating a secure login environment on the web where once
the users id is validated, a session id is generated which is passed
from page to page and is checked against the database at each page to
verify that it is legitimate and current. I think this is pretty much
the standard way to do it.
I realized that I was not using the other features of
Apache:Session:MySQL, just creating a big random string to be used as a
session id. Since I know how to insert a big random string into a
database, I thought I could skip using this module altogether and just
make up my own session id:
#!/usr/bin/perl
use strict;
use warnings;
my $count = @ARGV ? int $ARGV[0]:10;
my @array;
my $c = 'a';
for (my $i=0;$i<26;$i++)
{
push @array, $c;
$c++;
}
$c ='0';
for (my $i=0;$i<10;$i++)
{
push @array, $c;
$c++;
}
my $out;
for (my $i=0;$i<$count;$i++)
{
$out .= $array[rand(36)];
}
print "$out\n";
As you can see, this simple program just creates a random string of
letters and digits of a length defined by $ARGV[0].
1) Is there a better or more interesting or more concise way to write
the above code?
2) Is there any reason i should still use Apache:Session:MySQL if all I
am doing with it is creating session ids?
Thanks!
wana
attempts at creating a secure login environment on the web where once
the users id is validated, a session id is generated which is passed
from page to page and is checked against the database at each page to
verify that it is legitimate and current. I think this is pretty much
the standard way to do it.
I realized that I was not using the other features of
Apache:Session:MySQL, just creating a big random string to be used as a
session id. Since I know how to insert a big random string into a
database, I thought I could skip using this module altogether and just
make up my own session id:
#!/usr/bin/perl
use strict;
use warnings;
my $count = @ARGV ? int $ARGV[0]:10;
my @array;
my $c = 'a';
for (my $i=0;$i<26;$i++)
{
push @array, $c;
$c++;
}
$c ='0';
for (my $i=0;$i<10;$i++)
{
push @array, $c;
$c++;
}
my $out;
for (my $i=0;$i<$count;$i++)
{
$out .= $array[rand(36)];
}
print "$out\n";
As you can see, this simple program just creates a random string of
letters and digits of a length defined by $ARGV[0].
1) Is there a better or more interesting or more concise way to write
the above code?
2) Is there any reason i should still use Apache:Session:MySQL if all I
am doing with it is creating session ids?
Thanks!
wana