3 Sep
2008
3 Sep
'08
2:41 p.m.
Hi
Dne Wed, 03 Sep 2008 07:42:32 -0400 Marc Delisle Marc.Delisle@cegepsherbrooke.qc.ca napsal(a):
OK. You mean allowing this with a new parameter like AllowRootLogin?
Something like this.
We are not supposed to store credentials in session, so storing a blowfish secret there is not appropriate, IMO. This is why we have not (yet) chosen 'cookie' as default auth_type.
It will be temporary credential to session only, I think it is okay to store there.
Maybe choosing 'http' would be better as a default?
I'm in favor for cookie, simply it is more user friendly.
--
Michal Čihař | http://cihar.com | http://phpmyadmin.cz