Web Wiz Forums - Have I applied the member API correctly?

Print Page | Close Window

Have I applied the member API correctly?

Printed From: Web Wiz Forums
Category: Web Wiz Web App Support Forums
Forum Name: Web Wiz Forums
Forum Description: Support forum for Web Wiz Forums application.
URL: https://forums.webwiz.net/forum_posts.asp?TID=29234
Printed Date: 01 April 2026 at 12:39pm
Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com

Topic: Have I applied the member API correctly?

Posted By: Gullanian
Subject: Have I applied the member API correctly?
Date Posted: 04 April 2011 at 3:52pm

The way I have applied it, is it processes the login on my custom login page (all works fine etc etc), then it selects the user code for the user that passed authentication, and drops that code in a cookie. That code is then used to match to their database records on each page request. I am now logged in on the forums, and my main site which is good :)

But is this correct? The user code isn't changing because I've written my own login page, is this something I need to amend? What would you recommend? I've done it quite simply, might I have overlooked anything?

Thanks for any advice. One thing I should mention is that all pages will be using SSL when they are logged in so cookie hijacking will be harder.

Replies:

Posted By: WebWiz-Bruce
Date Posted: 04 April 2011 at 4:08pm

Using a cookie as authentication can be useful but as cookies are easy to fake on another machine you may want to look at combining it with some other method, such as something that authenticates the cookie server side for that session, or even using the database and using the session to track the user rather than setting cookies.

-------------
https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting
https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting