[Maypole] Auto Increment Primary Keys (and Documentation)
Perrin Harkins
perrin@elem.com
Fri, 28 Jan 2005 19:57:51 -0500
On Thu, 2005-01-27 at 22:44 -0700, Gordon Haverland wrote:
> What am I working on in particular? Well, I really don't want to
> see any sessions of my project get hijacked. So, reading
> PerlMonks and other stuff, I happened across a comment by Randal
> Schwartz about "branding" a browser session. So, I am putting
> the IP, user agent, sessionID, and a few other things, along with
> a HMAC_SHA1 digest of that data and a 160 bit random number into
> the values part of a cookie (session cookie).
I suggest you avoid using IP, unless this is an intranet site where you
have control over the network. Users who come through proxies (i.e. AOL
and other large ISPs) can change their IP on every request.
- Perrin