Results 1 to 3 of 3

Thread: cookie encoding

  1. 18-12-2004, 01:06 AM #1
    piggeh
    piggeh is offline
    Senior Member
    Join Date
    Dec 2004
    Posts
    360
    Thanks
    27
    Thanked
    2 times in 2 posts
    • piggeh's system
      • Motherboard:
      • ASUS AiLife IP35
      • CPU:
      • Intel Q6600 G0
      • Memory:
      • OCZ 2x2GB DDR2 (5-4-4-18)
      • Storage:
      • 500GB Spinpoint
      • Graphics card(s):
      • Inno3D 8800GT
      • PSU:
      • Corsair HX520W
      • Case:
      • Antec 900 Case
      • Operating System:
      • Vista 64
      • Monitor(s):
      • Samsung 24" SM2494HS
      • Internet:
      • Virgin Cable

    cookie encoding

    I've created a log in script that checks details against a database. If the login is successful then it sets a cookie on the machine to allow it to log in automatically in the future. My trouble is, somehow giving it some form of encryption, as at the moment, the cookie value is fairly basic (1,2,3..etc, basically the user id in the database). Someone suggested to me to just pick two numbers and create my own formula to make it harder to crack ,but is there a more secure way of doing it? Is there a built in PHP function to do it?

    Any help appreciated.
    Reply With Quote Reply With Quote
  2. 18-12-2004, 10:27 AM #2
    Iain
    Iain is offline
    HEXUS.net Webmaster
    Join Date
    Jul 2003
    Location
    UK
    Posts
    3,108
    Thanks
    1
    Thanked
    0 times in 0 posts
    there's no need to encrypt the user ID as it doesn't tell anyone anything about the user. It's important to encrypt any password details and the best way to do that is a one way encryption such as md5(). Basically what you do is encrypt the password before you set the cookie and then perform a SQL lookup based on the user ID, retrieve the password from the database, apply md5 encryption and then compare the md5 hash to that stored in the cookie. If they match then the user is correct.

    Hope that helps




    Moderates - HEXUS.Suggestions, HEXUS.Software Development
    Reply With Quote Reply With Quote
  3. 18-12-2004, 06:32 PM #3
    piggeh
    piggeh is offline
    Senior Member
    Join Date
    Dec 2004
    Posts
    360
    Thanks
    27
    Thanked
    2 times in 2 posts
    • piggeh's system
      • Motherboard:
      • ASUS AiLife IP35
      • CPU:
      • Intel Q6600 G0
      • Memory:
      • OCZ 2x2GB DDR2 (5-4-4-18)
      • Storage:
      • 500GB Spinpoint
      • Graphics card(s):
      • Inno3D 8800GT
      • PSU:
      • Corsair HX520W
      • Case:
      • Antec 900 Case
      • Operating System:
      • Vista 64
      • Monitor(s):
      • Samsung 24" SM2494HS
      • Internet:
      • Virgin Cable
    well, there's no encryption at the moment, as I just populated the table to get the script working, but yeah that would work. Thanks for the advice.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Encoding
    By evildoc614 in forum Software
    Replies: 8
    Last Post: 11-12-2003, 09:34 PM
  2. Video Encoding
    By evildoc614 in forum Software
    Replies: 3
    Last Post: 31-10-2003, 08:15 PM
  3. A nice big chocolate chip COOKIE
    By Howard in forum General Discussion
    Replies: 6
    Last Post: 22-09-2003, 09:52 AM
  4. Video encoding
    By Agent in forum Software
    Replies: 7
    Last Post: 04-09-2003, 11:42 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules