[nycphp-talk] self-expiring pages
ophir at prusak.com
Tue Mar 11 10:04:31 EST 2003
That's easy (I do it all the time).
Take the original URL (or filename, entry ID, etc) and concat a timestamp to
Enrcypt the whole thing (no need for PGP, just a simple one way encryption
Then on the landing page decrypt the whole thing and simply see how old the
If it's withing your timeframe, do a forward / passthrough of the content.
----- Original Message -----
From: "Bill Lovett" <bill at ilovett.com>
To: "NYPHP Talk" <talk at nyphp.org>
Sent: Monday, March 10, 2003 8:41 PM
Subject: [nycphp-talk] self-expiring pages
> I have an idea for an application that I'd like to get some feedback on.
> Let's say you need to keep track of user login information for several
> client servers. Security is obviously a concern. In my case, I need a
> way to safely provide this information to both technical and faintly
> technical staff.
> I started thinking about how some mailing list managers work, where you
> state what you want to do, and then get a confirmation email with a link
> or special reply address that must be received by the server in order
> for your request to be processed.
> With that in mind, I'm wondering how I could set up a random link
> generator that would issue urls that are only valid for n minutes, but
> with querystrings that aren't obvious. If I had that piece of the
> puzzle, I could add additional security by restricting the addresses who
> could receive such links and by storing the passwords in mysql with heavy
> user restrictions. So the full process would be:
> -send an email to a special account
> -email is received by a script which generates a time-sensitive link
> -user clicks on link and gets the info they need (over ssl) or gets a
> late" message
> Has anyone ever done anything like this? Better still, can anyone see a
> way to squeeze pgp into the picture?
> --- Unsubscribe at http://nyphp.org/list/ ---
More information about the talk