Re: non session/cookie login


"Mike" <mike@xxxxxxxxxxxxxxxxxxxxx> wrote in message
news:1161674404.060608.106100@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
| I've been having loads of problems with AOL users and finally come to
| the conclusion that if a user has an AOL browser, session data is lost
| as soon as they move to the next page.
|
| I have not yet found a solution to this so to avoid losing business
| from any AOL user it looks like I may have to re-write script so not to
| use sessions.
|
| One way I thought was when a user logs in, a random string, similar to
| a session id (can't use the session id because AOL browsers can change
| it from page to page) is stored to a database with a reference to that
| user. This unique id is passed from page to page in the URL.
|
| Then on everypage, the id in the URL is checked against the database
| and if exists, that user must be logged in and their data can be
| retrieved.
|
| Any thoughts on this process?


have you made SURE your session variables are stored in a FILE and NOT as a
COOKIE? php will re-write your html output and put a variable called
PHPSESSID in it. the value of the variable is the name of the session file
on YOUR server's hard drive. AOL has nothing to do with ANY of that...it is
all controlled by your server and php.

were i you, i'd sign up for a AOL trial membership and debug your setup
until you got this sorted out.

and btw, your unique id idea (if the id relates to a login) opens you up
COMPLETELY to security hacks. however, that is EXACTLY what php is doing
with the PHPSESSID. difference is, the id does NOT relate to anything but a
file name rather than login information. you could do as you suggest and use
your id as a key to look up info in a table that stored variables...such as
username and password submitted, etc. otoh, why mimic what php ALREADY
provides. further, provides in a way that allows for cleanup and other
garbage collection goodies that you probably haven't even begun to think
about.

just my 0.02 usd


.

Relevant Pages

  • IE6 cant connect.
    ... Her start page is AOL and she is using Verizon's DSL. ... If she goes to log on to start a session when the system ... temporary fix. ... Verizon claims the Modem is good and the device manager reports the network ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: IE6 cant connect.
    ... She is the typical retiree user who is just doing email and limited browsing. ... If she goes to log on to start a session when the system starts searching for AOL the URL in clear text appears just above the task bar. ... Verizon claims the Modem is good and the device manager reports the network card is in good order. ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Sessions
    ... I have had this session issue for months now and I just can't crack ... Yes, this works fine, except on users on AOL. ... session.name PHPSESSID PHPSESSID ...
    (comp.lang.php)
  • Re: how to create remember login functionality during login
    ... They can have multiple IPs per page view. ... Oh, yes, users in this situation (e.g. AOL users) may not be able ... That's not so bad for safe data - like custom UI content and such. ... Nobody gets hurt if the session is hijacked. ...
    (comp.lang.php)
  • Re: Sessions
    ... click the link and in aoltest3.php the session variable is visable. ... Yes, this works fine, except on users on AOL. ... Any chance you didn't post the real code, ...
    (comp.lang.php)