Who are you???? - Level Extreme

Plateforme Level Extreme

Abonnement

Profil corporatif

Produits & Services

Support

Légal

English

Who are you????

Message

04/08/2004 17:31:45

Rick Strahl
West Wind Technologies
Maui, Hawaii, États-Unis

04/08/2004 11:53:24

Joel Hokanson
Services Integration Group
Bellaire, Texas, États-Unis

Information générale

Forum:

Visual FoxPro

Catégorie:

West Wind Web Connection

Titre:

Re: Who are you????

Divers

Thread ID:

00930676

Message ID:

00930827

Vues:

In order to track people through a site you need something and Cookies tend to be the easiest way to do this. Actually Sessions are the easiest way to do this but they use cookies behind the scenes as well. Sessions are easier to use though because you won't have to mess with checking the cookie directly but instead can just query a session variable.

Cookies can be a problem if users have them turned of. The best way to deal with this sort of thing is accept the cookie and immediately check to see if the user got it on another response page. This requires a redirection of some sort (using StandardPage() with redirection parameters can do this easily) to see a page AFTER the cookie was originally set. Alternately (and tis is what I usually do) I check for cookies on critical pages where Cookies are really required. For example on the Shoppinig cart page. In your case it'll be easy cause every request practically will require the check for the cookie/id.

there are other ways: License plates (Urls with iD info on them) which avoids cookies altogether, but this cna be a lot more work AND you have to make sure you document this so you won't create new pages that don't handle the Ids properly. They're also more susceptible to spoofing...

Overall, cookies are the way to go - few peopole have them turned off and if you have a standard Cookie Warnding display page it's easy to let people know that htis site requires them. You can always tell them to add your site to the list of trusted sites in which case Cookies will work even if disabled in the IE security dialog.

+++ Rick ---

>I have a very simple login page on my WW application.
>
>They enter their unique ID (no password) and the system sets a cookie with their ID.
>
>Then I use that cookie on every following page to know they are logged in and what is their ID.
>
>Is there a BETTER way to know if they passed login and not worry about they who they?
>
>Naturally I can use Windows authentication, but that is a lot more than my users would want to mess with.
>
>The simple ID is nice, but the cookies are a constant problem.

+++ Rick ---

West Wind Technologies
Maui, Hawaii

west-wind.com/
West Wind Message Board
Rick's Web Log
Markdown Monster
---
Making waves on the Web

Where do you want to surf today?

Répondre

Fil

Voir

Click here to load this message in the networking platform