[Phpmyadmin-devel] speed improvement in auth_type cookie!

Marc Delisle DelislMa at CollegeSherbrooke.qc.ca
Wed Nov 24 04:39:21 CET 2004

after some profiling (thanks to Garvin for the hint about xdebug), I 
found that using a blowfish encryption coded in php was taking about 
70-80% of the execution time every time we encrypt or decrypt. And
since we have the security feature of adding the current time to 
username and password cookie (which makes a stolen cookie useless after 
LoginCookieValidity seconds), we encrypt and decrypt on each click!

Thanks to Michal for the suggestion of using mcrypt. It's now
used instead of blowfish.php (if available), producing dramatic speed 

I will add in the doc a strong suggestion to use this library.

Meanwhile, please test :)


More information about the Developers mailing list