A few things to try:
1. Use session variables that expire after a certain time. The remote
host, your partner, has to contact your host every X hours to get a new
session key and all communication is done for that period of time using
that key in the URL.
2. Use difficult to guess user identifiers. ie. 32 char alpha/numeric
word as in phplib.
3. Identify the remote partner with a similar key.
4. when someone registers on the remote site, have their site call your
site with the user details.
5. Don't bother with registering users but every time a "new" user comes
to your site, contact your partner site to verify who they are, and if
valid create an account for the new user.
The easiest way is to have the remote host register new users on your
site when they register on their site, then they pass a partner
identifier and user identifier to your site to access your services.
Donncha.
Kyle Jerviss wrote:
>
> Here is an idea I had, but will require that all the sites in question
> maintain very accurate clock synchronization, but doesn't require any
> "Boget, Chris" wrote:
> >
> > I've been charged with trying to find out how something
> > like this can be done if it is at all in fact possible. The info
> > I'm hoping to get is what would be involved and where I
> > can find information on it. I'm not asking for code or
> > examples unless you really want to provide them. :P
> >
> > Anyways, what we need to be able to do is the following:
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
