Garvin Hicking wrote:
Hi Marc!
About the LoginCookieValidity - a question: Since I don't use cookie auth, is it possible for users to set LoginCookieValidity off (say to 0) and then the en/decoding of the cookie is not always performed?
Hi Garvin, this would mean that a stolen cookie can be used to authenticate.
Marc
If that's not yet the case, I'd suggest to do so, because I suppose some users may want to use cookies, don't have mcrypt but wouldn't need the CookieValidity Setting - so for them, the cookie shouldn't be en/decoded every time.
Regards, Garvin.
(P.S., Marc: Your mail about the session stuff needs some more thinking from me, but I didn't ignore it :-)
P.S. No problem...