Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
Password:
Save Password
Forgot your Password?

 All Forums
 Snitz Forums 2000 DEV-Group
 DEV Discussions (General)
 Sessions
 New Topic  Reply to Topic
 Printer Friendly
Author Previous Topic Topic Next Topic  

Podge
Support Moderator

Ireland
3775 Posts

Posted - 09 September 2010 :  12:03:02  Show Profile  Send Podge an ICQ Message  Send Podge a Yahoo! Message  Reply with Quote
Why is last_here_date held in a session? I'm not saying its good or bad, just wondering why this data isn't pulled from the db all the time or stored in a cookie.

if IsEmpty(Session(strCookieURL & "last_here_date")) then
	Session(strCookieURL & "last_here_date") = ReadLastHereDate(strDBNTUserName)
end if
if lastDate = "" then
	lastDate = Session(strCookieURL & "last_here_date")
end if
if Request.Form("AllRead") = "Y" then
	lastDate = ChkString(Request.Form("BuildTime"),"SQLString")
	'## The redundant line below is necessary, don't delete it.
	Session(strCookieURL & "last_here_date") = lastDate
	Session(strCookieURL & "last_here_date") = lastDate
	UpdateLastHereDate lastDate,strDBNTUserName
	ActiveSince = ""
end if

Podge.

The Hunger Site - Click to donate free food | My Blog | Snitz 3.4.05 AutoInstall (Beta!)

My Mods: CAPTCHA Mod | GateKeeper Mod
Tutorial: Enable subscriptions on your board

Warning: The post above or below may contain nuts.

HuwR
Forum Admin

United Kingdom
20584 Posts

Posted - 09 September 2010 :  13:07:50  Show Profile  Visit HuwR's Homepage  Reply with Quote
it keeps it in the session and the db, basically the first time readlastheredate is called to set the session variable, the database is updated with your current 'arrival' time , and the session lastheredate is set to the old value in the db (your previous arrival time) so that the forum knows when you were last here so it can work out what topics etc have been active.

MVC .net dev/test site | MVC .net running on Raspberry Pi
Go to Top of Page

Podge
Support Moderator

Ireland
3775 Posts

Posted - 09 September 2010 :  13:50:53  Show Profile  Send Podge an ICQ Message  Send Podge a Yahoo! Message  Reply with Quote
I'm looking at removing all sessions from the forum code in order to allow me to use web gardens / set up a cluster. I don't see a problem using a cookie in this case i.e. instead of storing the previous arrival time in a session it could be stored in a cookie. Obviously there would be extra sanitising/checks to be done but it would be worth it.

As for the admin session I was thinking along these lines; check the previous arrival time in the db and if its more than 20 minutes ago and its an admin, the user is logged out. This could provide extra security than is currently in place. It would also prevent users from using an admin account as an everyday account.

Podge.

The Hunger Site - Click to donate free food | My Blog | Snitz 3.4.05 AutoInstall (Beta!)

My Mods: CAPTCHA Mod | GateKeeper Mod
Tutorial: Enable subscriptions on your board

Warning: The post above or below may contain nuts.
Go to Top of Page

HuwR
Forum Admin

United Kingdom
20584 Posts

Posted - 09 September 2010 :  14:24:43  Show Profile  Visit HuwR's Homepage  Reply with Quote
yes should work fine using cookies

MVC .net dev/test site | MVC .net running on Raspberry Pi
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Reply to Topic
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.1 seconds. Powered By: Snitz Forums 2000 Version 3.4.07