On 2003-10-06, Steve Comrie <[EMAIL PROTECTED]> wrote: > I know there's a couple people on the list that have mentioned it before and > I haven't had a use for it up until now, but what techniques / CPAN modules > are being used to encrypt static URL's to prevent URL hacking?
By static URL, I assume you mean a "GET" style query string, not just the URL of a static page. My applications tend to be (Postgres) database backed. Often I pass around primary ids of table rows (instead of the data). Or, if a user has some data that is specific to them, it can be stored in session table, and just the session_id is passed. Lately, I've been using CGI::Session for that, and I will be start using my own CGI::Session::PureSQL module with it soon. "PureSQL" stores data in the standard database way of one value per column, rather than the default CGI::Session method of serializing all the data into a Perl data structure in a single DB column. That will be released on CPAN once its cleaned up a bit. I noticed that someone wrote CGI::Session::Auth, which adds extra functions to check for "logged_In" and so forth. I may look more into that module as well. Mark -- http://mark.stosberg.com/ --------------------------------------------------------------------- Web Archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ http://marc.theaimsgroup.com/?l=cgiapp&r=1&w=2 To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]