[nycphp-talk] self-expiring pages

Ophir Prusak ophir at
Tue Mar 11 10:04:31 EST 2003

That's easy (I do it all the time).
Take the original URL (or filename, entry ID, etc) and concat a timestamp to
Enrcypt the whole thing (no need for PGP, just a simple one way encryption
will do).

Then on the landing page decrypt the whole thing and simply see how old the
timestamp is.
If it's withing your timeframe, do a forward / passthrough of the content.


----- Original Message -----
From: "Bill Lovett" <bill at>
To: "NYPHP Talk" <talk at>
Sent: Monday, March 10, 2003 8:41 PM
Subject: [nycphp-talk] self-expiring pages

> I have an idea for an application that I'd like to get some feedback on.
> Let's say you need to keep track of user login information for several
> client servers. Security is obviously a concern. In my case, I need a
> way to safely provide this information to both technical and faintly
> technical staff.
> I started thinking about how some mailing list managers work, where you
> state what you want to do, and then get a confirmation email with a link
> or special reply address that must be received by the server in order
> for your request to be processed.
> With that in mind, I'm wondering how I could set up a random link
> generator that would issue urls that are only valid for n minutes, but
> with querystrings that aren't obvious. If I had that piece of the
> puzzle, I could add additional security by restricting the addresses who
> could receive such links and by storing the passwords in mysql with heavy
> user restrictions. So the full process would be:
> -send an email to a special account
> -email is received by a script which generates a time-sensitive link
> -user clicks on link and gets the info they need (over ssl) or gets a
"sorry, too
> late" message
> Has anyone ever done anything like this? Better still, can anyone see a
> way to squeeze pgp into the picture?
> -bill
> --- Unsubscribe at ---

More information about the talk mailing list