EthernetSummit
Programmer
I am designing a webpage using Perl and lots of text files 
(no MySQL )
I want to do a log on bit and was wondering whether this idea was any good.
Type in username and password and click go. Reads passwords stored in a text files (and decrypts them, basic decryption only) and then if it matches, gives them a cookie with a string of 32 random numbers with the expiry set to when the browser closes. Also it saves the string in another text file with their username (or username id) and when they last visited a page.
Everytime they visit another page logged it, it changes that time. When ever anyone visits a page, it checks that file, and if any strings are more than 10minutes old, it deletes them. So they need to sign in again if they are inactive for 10 minutes.
I was wondering if this was a good method. Is there any way for people to read your Perl scripts or find the structure to your webpages (to stop them finding special password text files?
Thanks
(no MySQL )I want to do a log on bit and was wondering whether this idea was any good.
Type in username and password and click go. Reads passwords stored in a text files (and decrypts them, basic decryption only) and then if it matches, gives them a cookie with a string of 32 random numbers with the expiry set to when the browser closes. Also it saves the string in another text file with their username (or username id) and when they last visited a page.
Everytime they visit another page logged it, it changes that time. When ever anyone visits a page, it checks that file, and if any strings are more than 10minutes old, it deletes them. So they need to sign in again if they are inactive for 10 minutes.
I was wondering if this was a good method. Is there any way for people to read your Perl scripts or find the structure to your webpages (to stop them finding special password text files?
Thanks