Happy New Year All. Does anyone use sessions to temporarily hold confirmation codes for user registrations? I have a setup where when the user registers a random confirmation code is generated and appended to a url which is emailed to the user. The user's registration data is stored in a session with the confirmation code as the key. When they click the confirmation link, the code is used to retrieve the registration information and the registration is done. Some users are having trouble because it seems they're encountering invalidated sessions. I know if the registrations is done in one browser and the link (outlook will open IE) opens up a different browser that would lead to the creation of a different session which obviously wouldn't have the registration data. I have seen implementations that enter the confirmation directly into the database but I don't want to do that since it would mean writing more code to check who's account is activated and who's hasn't, and also might lead to garbage in the database of users who never activated their accounts...Any suggestions?
-- "talk trash and carry a small stick." PAUL KRUGMAN (NYT)
