Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
WWW Security
Message
From
18/01/2001 08:25:49
Martin Salias
Southworks
Argentina
 
General information
Forum:
Visual FoxPro
Category:
Internet applications
Title:
Re: WWW Security
Miscellaneous
Thread ID:
00464789
Message ID:
00465074
Views:
15
>I am working on a front end for our VFP app using West Wind and have to add some level of security. I need to get the user name and password obviously and keep track that that person was logged in. When they leave the site I need to log them out.
>
>What means to people usually use for this. I realize I could probably use cookies to do this but I am not sure about logging them out.

You basically have two methods for keeping track of a logged user:

1. Cookies
2. Session IDs that gets passed on the URL or hidden objects.

I generally prefer the first one as I see it more secure and flexible. The main drawbacks with the other one is the overhead in your application, pages, etc, and the possibillity of someone hijacking a session by changing the url (although this is difficult, it can be done).

Of course, the first method only work if cookies are activated, but actually, if you try to deactivate cookies, you'll find that MANY sites you visit stop working or start having serious problems, so I haven't found much resistance to cookies lately.

For the actual code, just look at the WC examples. Rick has a couple of demos on cookies and sessions.

Good luck!
Martín Salías
Developer and Architect
Agile Alliance member
C# MVP
Previous
Reply
Map
View

Click here to load this message in the networking platform