[Phpmyadmin-devel] speed improvement in auth_type cookie!
DelislMa at CollegeSherbrooke.qc.ca
Wed Nov 24 06:07:00 CET 2004
Garvin Hicking a écrit:
> Hi Marc!
> About the LoginCookieValidity - a question: Since I don'T use cookie auth, is it
> possible for users to set LoginCookieValidity off (say to 0) and then the
> en/decoding of the cookie is not always performed?
this would mean that a stolen cookie can be used to authenticate.
> If that's not yet the case, I'd suggest to do so, because I suppose some users
> Setting - so for them, the cookie shouldn't be en/decoded everytime.
> (P.S., Marc: Your mail about the session stuff needs some more thinking from me,
> but I didn't ignore it :-)
P.S. No problem...
More information about the Developers