Regarding spiders, you can validate <@CGIPARAM NAME="USER_AGENT"> against a list of acceptable bots, though this is easily spoofed.
Unless you're using https, subsequent HTTP requests will present the cookies in clear text. (Same is true for HTTP authentication). But since it's acceptable for anonymous anauthenticated users (google, for example) to browse the site, why worry about encrypting anything? And since the spiders will provide deep linking, so users might be taken to a dynamic page well past the home page, the logic to redirect to login benefits needs to be in every appfile. >Windows 2003 Web Edition IIS 6.0, R:Tango 5, Oterro 3.0 > >I would like to suggest that visitors login to a site when they first enter >it. Presently I check to see if they have a user scoped userid. If they >don't I set it to the session cookie userreference. So I was thinking that >if they didn't have a user id, I would redirect to a page that would list >benefits of signing in and provide login input fields. > >I also want to create a persistent cookie to place on their computer that >would contain an affiliate code if the visitor was referred to the site by >an affiliate. So I could check to see if they have this cookie first. If >they have a cookie, it would be nice to log them in as well as read their >affiliate code. But I don't know how to transmit encrypted account and >password info in the form of a cookie first to their computer and then at a >later date (subsequent visits) back to my site. Any comments? > >I also have a challenge when a search engine spider hits the site. I don't >want to redirect the spider to a "login suggestion" page. Any suggestions on >how to determine if the visitor is a spider? Maybe use <@CGIPARAM>. I >noticed when looking at my IIS logs, that there are entries like the >following: > >66.196.93.29 HTTP/1.0 >YahooSeeker/1.1+(compatible;+Mozilla+4.0;+MSIE+5.5;+http://help.yahoo.com/he >lp/us/shop/merchant/) >64.68.82.55 HTTP/1.0 Googlebot/2.1+(+http://www.googlebot.com/bot.html) >66.196.65.40 HTTP/1.0 >Mozilla/5.0+(compatible;+Yahoo!+Slurp;+http://help.yahoo.com/help/us/ysearch >/slurp) > >Is this accessible by Witango? Is it consistent? Is it useful? > >Thanks for any ideas. > >Steve Fogelson >Internet Commerce Solutions >________________________________________________________________________ >TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf > Bill Conlon To the Point 345 California Avenue Suite 2 Palo Alto, CA 94306 office: 650.327.2175 fax: 650.329.8335 mobile: 650.906.9929 e-mail: mailto:[EMAIL PROTECTED] web: http://www.tothept.com ________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
