Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
 Password:
Save Password
Forgot your Password?

 All Forums
 Community Forums
 Code Support: ASP (Non-Forum Related)
 Best way to authenticate user ?		  New Topic  Topic Locked
 Printer Friendly
Author Previous Topic Topic Next Topic  

hellind
Junior Member

Singapore
123 Posts
Posted - 03 December 2004 :  02:03:30  Show Profile
Hello,

If I am not wrong, Snitz stores the password/username in a cookie, if the user chooses 'save password'.

And when a user return to the site, and make a new post, Snitz validifies once more the cookie username/password.

So for every post that a user makes in that single visit, it makes that number of authentication with database.

Now I am thinking, what if when the user return back, the site authenticates once with the cookie usr/pwd and create a session-variable for the visit.

So if the user makes X no. of posts, it doesnt' need to check the database, it only check the session.

Comments Please? :)

pdrg
Support Moderator

United Kingdom
2897 Posts
Posted - 03 December 2004 :  06:30:46  Show Profile  Send pdrg a Yahoo! Message
yesss...but - sessions last for (usually) 20 mins, so there would still be a requirement to check the db to authenticate the user
Go to Top of Page

hellind
Junior Member

Singapore
123 Posts
Posted - 03 December 2004 :  06:34:53  Show Profile
But only if the user is in-active for 20mins....

If Session("Username") = "" Then
Authenticate()
End If

This is for my general site, where people do more than posting, they comment, upload pics, edit homepage, etc.

So it would be more effective to assign a session variable.?
Go to Top of Page

Podge
Support Moderator

Ireland
3776 Posts
Posted - 03 December 2004 :  07:36:10  Show Profile  Send Podge an ICQ Message  Send Podge a Yahoo! Message
Sessions hinder performance because each ASP page runs in a different thread and session calls will be serialized one by one. If there are a lot of users (and sessions) its a lot of work for IIS to track each one.
Podge.

The Hunger Site - Click to donate free food | My Blog | Snitz 3.4.05 AutoInstall (Beta!)

My Mods: CAPTCHA Mod | GateKeeper Mod
Tutorial: Enable subscriptions on your board

Warning: The post above or below may contain nuts.
Go to Top of Page

hellind
Junior Member

Singapore
123 Posts
Posted - 05 December 2004 :  01:24:12  Show Profile
So what is your suggestion?

Are you saying that when a user logs in, and if I authenticate with the database for every post, for every image upload, for every profile change, for everything he does, it would be faster than the session variables?

:)
Go to Top of Page

pdrg
Support Moderator

United Kingdom
2897 Posts
Posted - 06 December 2004 :  05:16:46  Show Profile  Send pdrg a Yahoo! Message
No, sessions have their uses. They each take ~35k memory (which used to be a big deal, so we used to try to code around it if the cost outweighed the benefit).

Just use the session for the 20 mins of the session, don't try to maintain a session accross multiple hours/days as a shortcut instead of logging on.

Not sure about the snitz code per se, but would be surprised if it has a database lookup for every post - however if it does, it'd be because of the above, and because the base code goes way back into the days when 4Gig of RAM was impossible ;-)
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Topic Locked
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.74 seconds. Powered By: Snitz Forums 2000 Version 3.4.07