each value denote what???
thanks for your replay.......
1 is userid
i think 74c5d8e6a60743f1df88e85cccc594a0 is hash
rest of them ???????
So explain it better in Gdn_CookieIdentity::SetCookie in adds
KeyData|HMAC|Timstamp and appends any cookie contents to the end delimited by pipe. SetIdentity is only one possible use of SetCookie, and in that case it supplies virtually the same for the KeyData as the CookieContent
The hash is salted an you can change the primary hash algorithm (md5 or sha1).
grep is your friend.
The data that is verified by HMAC is the KeyData. So in other word not only is the cookie authenticated by hash, it verifies that the associated KeyData is correct and hasn't been tampered.
thank you** x00 ** for your valuable reply
function _Hash($Data, $CookieHashMethod, $CookieSalt) what is $Data ???
$Data is the data to place in the hash, means what????
Is this the $KeyData???
function _Hash($Data, $CookieHashMethod, $CookieSalt)
If you read
Data is the message. In this case message is KeyData (UserID-Expiration), but could be anything.
That function is just a wrapper, as to not confuse generating the key, to generating the final hash. So in the second pass you supply the generated key as the salt ( not the saved salt)
got it thank you very much x00