thanks in advance for the heads up
Jan 15, 1999, 12:24 PM
Novice (11 posts)
Jan 15, 1999, 12:24 PM
Post #1 of 2
Views: 1998
Jan 15, 1999, 1:16 PM
Veteran / Moderator (8669 posts)
Jan 15, 1999, 1:16 PM
Post #2 of 2
Views: 1824
When a user logs in to the database, a huge random number is appended to the userid and I file is created in the auth directory with the combination of the two. For example, when you log in as admin, a file would be created with the name of something like "admin.99991234565478" (I don't remember how many places the number goes). Each time the person who has logged in sends a command to DBMan, the userid, with the number, is sent along with it. Before the command is executed, the auth.pl file checks to see if there is a file in the auth directory which matches the userid+number. If there is, it checks to see what this user is allowed to do and, if he is allowed, the script executes the command. If not, he is sent to the "unauthorized" page.
After a while, your auth directory could become full of these files, so, in addition to the above, every time someone executes a command, the auth.pl script also takes a look at all the files in the directory and deletes those that are more than 6 hours old. For most purposes, this is plenty, as it would be unlikely that one person would still be using the database without logging in again for 6 hours.
I hope I explained this clearly enough.
------------------
JPD
After a while, your auth directory could become full of these files, so, in addition to the above, every time someone executes a command, the auth.pl script also takes a look at all the files in the directory and deletes those that are more than 6 hours old. For most purposes, this is plenty, as it would be unlikely that one person would still be using the database without logging in again for 6 hours.
I hope I explained this clearly enough.
------------------
JPD