Re: [WebDNA] User sessions - cookies only or cookies and a
This WebDNA talk-list message is from
2016
It keeps the original formatting.
numero = 113116
interpreted = N
texte = 704 --Apple-Mail=_2643F41A-ECAD-43F7-826E-1F2B4FA8C591 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii WebDNA time [MATH]{[time]}[/MATH] WebDNA date [MATH]{[date]}[/MATH] Kind regards Stuart Tremain IDFK Web Developments AUSTRALIA webdna@idfk.com.au > On 27 Oct. 2016, at 10:26, dale wrote: >=20 > Tom and Donovan, >=20 > Thank you for your suggestions. If I may ask one more thing. I'm = trying to figure out what I need to store in the cookie and in the = session.db.=20 >=20 > I have the login which then looks into the users.db and verifies that = the information is correct. As soon as the [showif] confirms, I write a = coolie with a [cart] value and currently store the username, session ID = (the [cart] value) and an expiry value - I want to use the WebDNA epoch = time but have looked on the website and can't find the proper way to = create this value. >=20 > What kind of data do you store in your cookies and session.db? >=20 > With the data I am currently storing in the coookie and session.db, I = would still be doing a lookup in the users.db to get the groups the user = belongs to in order to display the appropriate menus for the user.=20 >=20 > In the past when I did a login, I only saved a session cookie as I = only needed to carry the user information over a few pages. >=20 > Thank you for your insight. >=20 > Dale >=20 >=20 >=20 > On Mon, Oct 24, 2016 at 3:37 PM, > wrote: > > Question #1: > > > > Does the BrowserID use any other data from the browser, such as > > the ip address for example, or anything else OTHER THAN the data > > in the mime headers? >=20 > no >=20 > > Problem #1: > > > > You said you're using ALL the info returned in the mime headers, > > but this appears to be a mistake, here's why: > > > > One portion of the data returned in mime headers is cookies, so if > > there are any cookie changes from one page to the next, the > > BrowserID won't match any longer. This is a real problem for me > > because I reset the cookie expire date in my admin systems every > > time another page is requested. >=20 > cookies is not used >=20 > > But this does NOT explain why Tom's test concluded that all three > > BrowserIDs were identical when in fact he used three different > > browsers. >=20 > we found that [session] is broken on the server version, because of = the way the fastCGI returns the MIME Headers compared with Server = version. This will be fixed tomorrow and we will recompile. >=20 >=20 > > Question #3: > > > > What happens when a mismatch occurs with the BrowserID values? > > Does WebDNA default to matching something else, such as the ip > > address? If so, this explains why all three of Tom's 'from' > > fields are different but the 'to' fields are the same: >=20 > the first column in the db includes date, time, IP, life (seconds) and = the second column browserID > They are connected together but if IP or browserID do not match = anymore, you are free take decisions using the built-in test tags. >=20 >=20 >=20 > - chris--------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list >. > To unsubscribe, E-mail to: > > archives: http://mail.webdna.us/list/talk@webdna.us = > Bug Reporting: support@webdna.us >=20 > --------------------------------------------------------- This message = is sent to you because you are subscribed to the mailing list . To = unsubscribe, E-mail to: archives: = http://mail.webdna.us/list/talk@webdna.us Bug Reporting: = support@webdna.us --Apple-Mail=_2643F41A-ECAD-43F7-826E-1F2B4FA8C591 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii WebDNA time [MATH]{[time]}[/MATH]
Thank you for your suggestions. If I = may ask one more thing. I'm trying to figure out what I need to store in = the cookie and in the session.db.
I have the login which then looks into = the users.db and verifies that the information is correct. As soon as = the [showif] confirms, I write a coolie with a [cart] value and = currently store the username, session ID (the [cart] value) and an = expiry value - I want to use the WebDNA epoch time but have looked on = the website and can't find the proper way to create this = value.
What = kind of data do you store in your cookies and session.db?
With the data I am = currently storing in the coookie and session.db, I would still be doing = a lookup in the users.db to get the groups the user belongs to in order = to display the appropriate menus for the user.
In the past when I did a = login, I only saved a session cookie as I only needed to carry the user = information over a few pages.
> = Question #1: > > Does the BrowserID use any other data from the browser, such as > the ip address for example, or anything else OTHER THAN the data > in the mime headers?
no > Problem #1: > > You said you're using ALL the info returned in the mime headers, > but this appears to be a mistake, here's why: > > One portion of the data returned in mime headers is cookies, so = if > there are any cookie changes from one page to the next, the > BrowserID won't match any longer. This is a real problem for = me > because I reset the cookie expire date in my admin systems every > time another page is requested.
cookies is not used
> But this does NOT explain why Tom's test concluded that all = three > BrowserIDs were identical when in fact he used = three different > browsers.
we found that [session] is broken on the server version, because = of the way the fastCGI returns the MIME Headers compared with Server = version. This will be fixed tomorrow and we will recompile. =
> Question #3: > > What happens when a mismatch occurs with the BrowserID values? > Does WebDNA default to matching something else, such as the ip > address? If so, this explains why all three of Tom's = 'from' > fields are different but the 'to' fields are the same: = the first column in the db includes date, time, IP, life = (seconds) and the second column browserID They are connected together but if IP or browserID do not match anymore, = you are free take decisions using the built-in test tags.
--------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: archives: http://mail.webdna.us/list/talk@webdna.us Bug Reporting: support@webdna.us
= --------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: archives: http://mail.webdna.us/list/talk@webdna.us Bug Reporting: support@webdna.us --Apple-Mail=_2643F41A-ECAD-43F7-826E-1F2B4FA8C591-- .
Associated Messages, from the most recent to the oldest:
704 --Apple-Mail=_2643F41A-ECAD-43F7-826E-1F2B4FA8C591 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii WebDNA time [math]{[time]}[/MATH] WebDNA date [math]{[date]}[/MATH] Kind regards Stuart Tremain IDFK Web Developments AUSTRALIA webdna@idfk.com.au > On 27 Oct. 2016, at 10:26, dale wrote: >=20 > Tom and Donovan, >=20 > Thank you for your suggestions. If I may ask one more thing. I'm = trying to figure out what I need to store in the cookie and in the = session.db.=20 >=20 > I have the login which then looks into the users.db and verifies that = the information is correct. As soon as the [showif] confirms, I write a = coolie with a [cart] value and currently store the username, session ID = (the [cart] value) and an expiry value - I want to use the WebDNA epoch = time but have looked on the website and can't find the proper way to = create this value. >=20 > What kind of data do you store in your cookies and session.db? >=20 > With the data I am currently storing in the coookie and session.db, I = would still be doing a lookup in the users.db to get the groups the user = belongs to in order to display the appropriate menus for the user.=20 >=20 > In the past when I did a login, I only saved a session cookie as I = only needed to carry the user information over a few pages. >=20 > Thank you for your insight. >=20 > Dale >=20 >=20 >=20 > On Mon, Oct 24, 2016 at 3:37 PM, > wrote: > > Question #1: > > > > Does the BrowserID use any other data from the browser, such as > > the ip address for example, or anything else OTHER THAN the data > > in the mime headers? >=20 > no >=20 > > Problem #1: > > > > You said you're using ALL the info returned in the mime headers, > > but this appears to be a mistake, here's why: > > > > One portion of the data returned in mime headers is cookies, so if > > there are any cookie changes from one page to the next, the > > BrowserID won't match any longer. This is a real problem for me > > because I reset the cookie expire date in my admin systems every > > time another page is requested. >=20 > cookies is not used >=20 > > But this does NOT explain why Tom's test concluded that all three > > BrowserIDs were identical when in fact he used three different > > browsers. >=20 > we found that [session] is broken on the server version, because of = the way the fastCGI returns the MIME Headers compared with Server = version. This will be fixed tomorrow and we will recompile. >=20 >=20 > > Question #3: > > > > What happens when a mismatch occurs with the BrowserID values? > > Does WebDNA default to matching something else, such as the ip > > address? If so, this explains why all three of Tom's 'from' > > fields are different but the 'to' fields are the same: >=20 > the first column in the db includes date, time, IP, life (seconds) and = the second column browserID > They are connected together but if IP or browserID do not match = anymore, you are free take decisions using the built-in test tags. >=20 >=20 >=20 > - chris--------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list >. > To unsubscribe, E-mail to: > > archives: http://mail.webdna.us/list/talk@webdna.us = > Bug Reporting: support@webdna.us >=20 > --------------------------------------------------------- This message = is sent to you because you are subscribed to the mailing list . To = unsubscribe, E-mail to: archives: = http://mail.webdna.us/list/talk@webdna.us Bug Reporting: = support@webdna.us --Apple-Mail=_2643F41A-ECAD-43F7-826E-1F2B4FA8C591 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii WebDNA time [math]{[time]}[/MATH]
Thank you for your suggestions. If I = may ask one more thing. I'm trying to figure out what I need to store in = the cookie and in the session.db.
I have the login which then looks into = the users.db and verifies that the information is correct. As soon as = the [showif] confirms, I write a coolie with a [cart] value and = currently store the username, session ID (the [cart] value) and an = expiry value - I want to use the WebDNA epoch time but have looked on = the website and can't find the proper way to create this = value.
What = kind of data do you store in your cookies and session.db?
With the data I am = currently storing in the coookie and session.db, I would still be doing = a lookup in the users.db to get the groups the user belongs to in order = to display the appropriate menus for the user.
In the past when I did a = login, I only saved a session cookie as I only needed to carry the user = information over a few pages.
> = Question #1: > > Does the BrowserID use any other data from the browser, such as > the ip address for example, or anything else OTHER THAN the data > in the mime headers?
no > Problem #1: > > You said you're using ALL the info returned in the mime headers, > but this appears to be a mistake, here's why: > > One portion of the data returned in mime headers is cookies, so = if > there are any cookie changes from one page to the next, the > BrowserID won't match any longer. This is a real problem for = me > because I reset the cookie expire date in my admin systems every > time another page is requested.
cookies is not used
> But this does NOT explain why Tom's test concluded that all = three > BrowserIDs were identical when in fact he used = three different > browsers.
we found that [session] is broken on the server version, because = of the way the fastCGI returns the MIME Headers compared with Server = version. This will be fixed tomorrow and we will recompile. =
> Question #3: > > What happens when a mismatch occurs with the BrowserID values? > Does WebDNA default to matching something else, such as the ip > address? If so, this explains why all three of Tom's = 'from' > fields are different but the 'to' fields are the same: = the first column in the db includes date, time, IP, life = (seconds) and the second column browserID They are connected together but if IP or browserID do not match anymore, = you are free take decisions using the built-in test tags.
--------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: archives: http://mail.webdna.us/list/talk@webdna.us Bug Reporting: support@webdna.us
= --------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: archives: http://mail.webdna.us/list/talk@webdna.us Bug Reporting: support@webdna.us --Apple-Mail=_2643F41A-ECAD-43F7-826E-1F2B4FA8C591-- .
WebDNA Development
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...