[Phpmyadmin-devel] speed improvement in auth_type cookie!
Marc Delisle
DelislMa at CollegeSherbrooke.qc.ca
Wed Nov 24 04:39:21 CET 2004
Hi,
after some profiling (thanks to Garvin for the hint about xdebug), I
found that using a blowfish encryption coded in php was taking about
70-80% of the execution time every time we encrypt or decrypt. And
since we have the security feature of adding the current time to
username and password cookie (which makes a stolen cookie useless after
LoginCookieValidity seconds), we encrypt and decrypt on each click!
Thanks to Michal for the suggestion of using mcrypt. It's now
used instead of blowfish.php (if available), producing dramatic speed
improvements.
I will add in the doc a strong suggestion to use this library.
Meanwhile, please test :)
Marc
More information about the Developers
mailing list