António José (ajose) wrote,
António José

  • Mood:

One step forward!

The login code is giving me a fight but I'm doing it all without depending on cookies and with the verification of the right REQUEST_METHOD and HTTP_REFERER to ensure that there are no side wholes by which someone might try to get in.....

In reality, the login CGI is a "huge" state machine and once entered is always calling it self on each login/password submit until a valid login/password is entered and a session is created or the max number of tries is reached and the user sent back to the initial application screen and the appropriated error message written into the application log.....

Out to have a coffee and rest my eyes a little.
Back to continue in a short while!

  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded