Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
 All Forums
 Snitz Forums 2000 DEV-Group
 DEV Discussions (General)
 Sessions

Note: You must be registered in order to post a reply.
To register, click here. Registration is FREE!
Before posting, make sure you have read this topic!

Screensize:
UserName:
Password:
Format Mode:
Format: BoldItalicizedUnderlineStrikethrough Align LeftCenteredAlign Right Horizontal Rule Insert HyperlinkInsert EmailInsert Image Insert CodeInsert QuoteInsert List
   
Message:

* HTML is OFF
* Forum Code is ON
Smilies
Smile [:)] Big Smile [:D] Cool [8D] Blush [:I]
Tongue [:P] Evil [):] Wink [;)] Clown [:o)]
Black Eye [B)] Eight Ball [8] Frown [:(] Shy [8)]
Shocked [:0] Angry [:(!] Dead [xx(] Sleepy [|)]
Kisses [:X] Approve [^] Disapprove [V] Question [?]

 
   

T O P I C    R E V I E W
Podge Posted - 09 September 2010 : 12:03:02
Why is last_here_date held in a session? I'm not saying its good or bad, just wondering why this data isn't pulled from the db all the time or stored in a cookie.

if IsEmpty(Session(strCookieURL & "last_here_date")) then
	Session(strCookieURL & "last_here_date") = ReadLastHereDate(strDBNTUserName)
end if
if lastDate = "" then
	lastDate = Session(strCookieURL & "last_here_date")
end if
if Request.Form("AllRead") = "Y" then
	lastDate = ChkString(Request.Form("BuildTime"),"SQLString")
	'## The redundant line below is necessary, don't delete it.
	Session(strCookieURL & "last_here_date") = lastDate
	Session(strCookieURL & "last_here_date") = lastDate
	UpdateLastHereDate lastDate,strDBNTUserName
	ActiveSince = ""
end if
3   L A T E S T    R E P L I E S    (Newest First)
HuwR Posted - 09 September 2010 : 14:24:43
yes should work fine using cookies
Podge Posted - 09 September 2010 : 13:50:53
I'm looking at removing all sessions from the forum code in order to allow me to use web gardens / set up a cluster. I don't see a problem using a cookie in this case i.e. instead of storing the previous arrival time in a session it could be stored in a cookie. Obviously there would be extra sanitising/checks to be done but it would be worth it.

As for the admin session I was thinking along these lines; check the previous arrival time in the db and if its more than 20 minutes ago and its an admin, the user is logged out. This could provide extra security than is currently in place. It would also prevent users from using an admin account as an everyday account.
HuwR Posted - 09 September 2010 : 13:07:50
it keeps it in the session and the db, basically the first time readlastheredate is called to set the session variable, the database is updated with your current 'arrival' time , and the session lastheredate is set to the old value in the db (your previous arrival time) so that the forum knows when you were last here so it can work out what topics etc have been active.

Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.05 seconds. Powered By: Snitz Forums 2000 Version 3.4.07