From owner-freebsd-questions Sun Oct 22 17:26:33 2000 Delivered-To: freebsd-questions@freebsd.org Received: from vnuserv.vnuhcm.edu.vn (unknown [203.162.44.33]) by hub.freebsd.org (Postfix) with ESMTP id F356A37B4C5 for ; Sun, 22 Oct 2000 17:26:28 -0700 (PDT) Received: from hcmut-server.hcmut.edu.vn (hcmut-server.hcmut.edu.vn [172.28.2.2]) by vnuserv.vnuhcm.edu.vn (8.9.3/8.8.7) with ESMTP id PAA19805; Mon, 16 Oct 2000 15:09:23 GMT Received: from vnuserv.vnuhcm.edu.vn. by VNU-Gateway with ESMTP Ver (1.1Plus) for recipient addresses : , Received: from dit.hcmut.edu.vn (ditlab.dit.hcmut.edu.vn [172.28.10.21]) by hcmut-server.hcmut.edu.vn (8.10.1/8.10.1) with ESMTP id e9GEdhT25506; Mon, 16 Oct 2000 10:39:43 -0400 (EDT) Received: from dit.hcmut.edu.vn by dit.hcmut.edu.vn (8.8.8+Sun/SMI-SVR4) id WAA01819; Mon, 16 Oct 2000 22:07:40 -0700 (GMT) Message-ID: <39EB1598.8F4B9408@dit.hcmut.edu.vn> Date: Mon, 16 Oct 2000 21:50:00 +0700 From: Nguyen Manh Tho Organization: Database Group - Department of Information Technology X-Mailer: Mozilla 4.72 [en] (Win95; I) X-Accept-Language: en MIME-Version: 1.0 Cc: Alejandro Ramirez , FreeBSD Questions Subject: Need your help in Webmail References: <38B69523.18D7D9B8@dit.hcmut.edu.vn> <001b01bf7fa3$d0eaaa60$020a0a0a@megared.net.mx> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Dear Sirs/ Madams, Firstly, I am terribly sorry about this mail. I know that this is the FreeBSD user group, but I need your help in webmail system, the system that I have to develop now in FreeBSD system. I am Nguyen Manh Tho, lecturer at Department of information Technology, Hochiminh city University, Vietnam. I am member of database group, but this semester I have some important tasks that not belong to my specified field. I am writing the Web mail system that support for students communicate with staff and others through the Intranet by Web environment. I found the free source code for web mail in Perl, and now I am re-writing it to improve its security. I now stack in the following step: - After user login with user name and password, the browser open the mail page in which user can check mail, see and delete. I encode the sessionid to hide the sessionid + username + password but this sessionid is still appear in the URL of the browser. If I copy this URL and Paste to other browser, I can read mail in this browser without reenter username + password as in Hotmail ot Yahoo. I would like to know how to encode and hide these information (sessionid+username+password), and force the user must to reenter username/password as they copy the URL to other Web browser. - I also would like to encode the password and username of user because now if I use cookies, I still put these informs into source pages (if I do not put in URL). I am afraid that experienced hacker can decode all the username/password and will make all thing worse. If anyone know the webmail source that can be compare to Hotmail and Yahoo or their principals, please let me know or help me solving these problems. Thank you very much in advanced, I am looking forward your response, -- Nguyen Manh Tho. +++++++++++++++++++++++++++++++++++++++++++++++ Engineer, Lecturer, Database Group, Department of Information Technology, Hochiminh City University of Technology, Block A3, 268 Ly Thuong Kiet Street, Ward 12, District 10, Hochiminh City, Vietnam. Email: nmtho@dit.hcmut.edu.vn URL: http://www.hcmut.edu.vn Phone : 84-8-8658689 (ext. 599) Fax: 84-8-8654137 +++++++++++++++++++++++++++++++++++++++++++++++ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message