Fairly briskly and correct me if I am wrong,,,, Building a Privacy Policy still aint going to help you if the user has cookies turned off, no web server cookie will be set so the web server won't remember you for the next Request (assuming no developer intervention)
No Cookies, No Web Server Sessions, No maintaining of state between request without developer intervention..... - Unless you append the CFID and CFTOKEN (or J2EE SessionID) to the end of every URL - Or you could make sure everything was a form and maintaining state through hidden form variables - You could also use the CLIENT scope and store then variables in a database effectively using it as a SESSION store (if complex var, need to serialize them using WDDX, I know not much else about this and the knowledge has been gleaned from the posts to this here very list) - If the right CFMX version could use J2EE stuff to maintain state as well but again don't know anything about that. - There are probably a few other methods but they are the main one s I can think of right now In short, I use Session variables cause they are easy. This may be a cop out but try working to my deadlines, aint got time to roll your own solutions all the time and more often than not I am modifying somebody else's application so pretty stuck with what you got I always just make sure that logging in or anything at least has a check for cookies and let's the user know if they haven't got them on, then they can't have the functionality of the site. Most of my apps can do this and I do realise that not all can get away with this but I seldom come across a project that does not let me utilise SESSION variables... they used to say it was evil and that you shouldn't use them, but most other methods or maintaining state between pages just end up being so fucking clunky it just aint worth it for me... Why can't you use Session variables by forcing the user to have cookies turned on? A good privacy policy (textual) will inform the user that cookies are only used to maintain state and their eyes will just glaze over anyway and they will automatically follow your instructions to turn on cookies and be able to fully use your site..... in the same context, the user will also be able to faultlessly navigate your application and not ask stupid questions. They would also be able to read your instructions on screen and realise that if they do not follow them, they will not be able to carry out the task that they want to do. :-) > > > I'm using cookies to allow session variables with CF5, and > I'm running > > into lots of people who have them disabled - IE6, for instance, > > appears to disable them by default. Would I be better off using > > URLToken, or is there > > a way to make cookies work on most systems? IE talks about > a compact > > privacy policy, I notice. > > Your best bet is to build a Privacy Policy for your website > > While in IE6, click on View, Privacy Report, then "Learn more > about privacy..." > > That will give you some information about how IE6 is treating cookies > > Here's some links on why and how the P3P privacy policy came about > http://www.w3.org/TR/P3P/ http://www.w3.org/P3P/implementations http://www.p3pdeveloper.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. http://www.cfhosting.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
