No more use of cookies
Printed From: Web Wiz Forums
Category: Web Wiz Web App Support Forums
Forum Name: Web Wiz Forums Suggestions
Forum Description: Do you have any ideas for applications or content on Web Wiz? Then leave your suggestions here.
URL: https://forums.webwiz.net/forum_posts.asp?TID=6111
Printed Date: 28 March 2026 at 9:02am
Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com
Topic: No more use of cookies
Posted By: jellesma
Subject: No more use of cookies
Date Posted: 02 October 2003 at 8:48am
|
Hello, Is it possible the use of cookie to disable so the forum can become a normal forum
|
Replies:
Posted By: WebWiz-Bruce
Date Posted: 02 October 2003 at 9:30am
|
99% of forum software uses cookies. Without the use of ccokies there is no other real way to track a user in classic ASP. ------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
Posted By: fernan82
Date Posted: 02 October 2003 at 6:40pm
|
So it can't be done with session variables? or passing session info on the links like vBulletin does? |
-boRg- wrote:Posted By: Gullanian
Date Posted: 02 October 2003 at 7:13pm
| Yup, but sessions expire, and info in the querystring can be looked up by someone on the same pc in the internet history, or by looking over their shoulder! |
Posted By: fernan82
Date Posted: 02 October 2003 at 10:33pm
|
Yea, but I think the way it's done is by generating a code from the user id, session id, and user IP (or something like that) so the code on the querystring won't always be the same for the same user... It might not work right for everyone, that's why forums that use that method have it as an option that users can enable on their profiles... Some people just don't like cookies and would prefer to use that kind of method so it's not a bad idea... Of course it won't work for everyone and it won't be possible to keep you logged in when you return to the forum, that's why if implemented it should be up to the user to use cookies or that method... ------------- FeRnAN http://www.danasoft.com/"> 
|
Posted By: WebWiz-Bruce
Date Posted: 03 October 2003 at 2:43am
|
I can't see anyway it could be done with classic ASP without cookies,
if you where to use the session variables you still need cookies
enabled on the users machine inorder for session variables to work. I belives in ASP.NET there is a way to do this without cookies as ASP.NET allows the server to track users without cookies by appending the session ID to links, but this is not possible with classic ASP. ------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
Posted By: Gullanian
Date Posted: 03 October 2003 at 2:46am
| You can do it with querystrings, holding the username and password in it |
Posted By: WebWiz-Bruce
Date Posted: 03 October 2003 at 2:54am
|
That would be extramly insecure spicially as browsers store URL's. If
you use the forum at work, uni, school, etc. the next person on the
machine could simply follow your URL and bang they are logged in as you.
------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
Posted By: fernan82
Date Posted: 03 October 2003 at 6:25pm
|
You don't use the username and password, when the user logs in you generate a code from the userID and sessionID or something like that so that the code will one work during the session. ------------- FeRnAN http://www.danasoft.com/">
|
Posted By: wistex
Date Posted: 04 October 2003 at 12:31am
|
Then expire the session after a certain amount of time of inactivity so that noone else can use it even if they found the link. If someone followed the link it would simply say "Session Expired, Please Login Again" or something like that.
------------- http://www.wistex.com" rel="nofollow - WisTex Solutions http://www.caribbeanchoice.com/forums" rel="nofollow - CaribbeanChoice Forums |
Posted By: WebWiz-Bruce
Date Posted: 04 October 2003 at 1:04pm
|
Still wouldn't work as with classic ASP you need to have cookies enabled on the users browser for sessions to work. If cookies are not enabled a new session is started for each hit on the server from that persons browser thus creating a new session ID each time and loosing any data from teh session held for that user. ------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
Posted By: fernan82
Date Posted: 04 October 2003 at 9:46pm
|
hmmm... I think you're right... but I've just tried it and it seems to keep the session with IE after I disabled all cookies but when I tried it with Mozilla it wont... ------------- FeRnAN http://www.danasoft.com/">
|
Posted By: WebWiz-Bruce
Date Posted: 05 October 2003 at 7:02am
|
I find with my version of IE if you completly close the browser then
turn off all cookies it will loose the session for the site also.
------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |