NYCPHP Meetup

[Ophir Prusak]

That's easy (I do it all the time).
Take the original URL (or filename, entry ID, etc) and concat a timestamp to
it.
Enrcypt the whole thing (no need for PGP, just a simple one way encryption
will do).

Then on the landing page decrypt the whole thing and simply see how old the
timestamp is.
If it's withing your timeframe, do a forward / passthrough of the content.

Ophir

----- Original Message -----
From: "Bill Lovett" <bill at ilovett.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Monday, March 10, 2003 8:41 PM
Subject: [nycphp-talk] self-expiring pages


>
>
> I have an idea for an application that I'd like to get some feedback on.
> Let's say you need to keep track of user login information for several
> client servers. Security is obviously a concern. In my case, I need a
> way to safely provide this information to both technical and faintly
> technical staff.
>
> I started thinking about how some mailing list managers work, where you
> state what you want to do, and then get a confirmation email with a link
> or special reply address that must be received by the server in order
> for your request to be processed.
>
> With that in mind, I'm wondering how I could set up a random link
> generator that would issue urls that are only valid for n minutes, but
> with querystrings that aren't obvious. If I had that piece of the
> puzzle, I could add additional security by restricting the addresses who
> could receive such links and by storing the passwords in mysql with heavy
> user restrictions. So the full process would be:
>
> -send an email to a special account
> -email is received by a script which generates a time-sensitive link
> -user clicks on link and gets the info they need (over ssl) or gets a
"sorry, too
> late" message
>
> Has anyone ever done anything like this? Better still, can anyone see a
> way to squeeze pgp into the picture?
>
> -bill
>
>
>
> --- Unsubscribe at http://nyphp.org/list/ ---
>
>
>