Mark Fuller wrote:
On Tue, Jan 13, 2009 at 5:41 PM, Lyle <[email protected]> wrote:
People wrote:
(various comments)
I think you're right, I shouldn't worry and just let the browser handle it.
I might make it remember the username by default for convenience if they
choose to enter their password each time.
I don't understand the "remember me" thing. If you use a cookie with a
session key, and maintain on the server side that the user wants to be
"remembered," why even display the login page to them? Just treat them
as already logged in, and let them into your site? That's what's going
to happen anyway if you fill in the userID and password for them.
It seems to me like what's really happening here is someone wanting to
not be logged off for 2 weeks. Making them go through the login page
with their credentials supplied for them, that's just making it harder
to remain logged in for 2 weeks. (?)
Maybe I don't get it.
Doh! That makes sense :) Like ebays remember more for a day. I could
have a remember me check box, when checked have javascript add a drop
down box where they can select day, week, month, etc. Then just leave it
in the session.
Runs the risk of the session ID being found, but I guess if I verify the
cookie and IP address...
Lyle
##### CGI::Application community mailing list ################
## ##
## To unsubscribe, or change your message delivery options, ##
## visit: http://www.erlbaum.net/mailman/listinfo/cgiapp ##
## ##
## Web archive: http://www.erlbaum.net/pipermail/cgiapp/ ##
## Wiki: http://cgiapp.erlbaum.net/ ##
## ##
################################################################
