Scott, I assume you would have to set a Witango user variable indicating 1) The user just entered the site 2) Write a session cookie 3) Check for a cookie on the next page
At the next page if the Witango user variable is present and you can't read the cookie, the user disabled cookies But the Witango user variable would not be present (for disabled browsers) because Witango invoked a new session id What I am trying to get at is how do you know there is supposed to be a cookie set (on the next page) if session cookies are disabled? Steve -----Original Message----- From: Scott Cadillac [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 13, 2004 11:53 AM To: [EMAIL PROTECTED]; Ben Johansen Subject: RE: Witango-Talk: Cookies Like Ben mentioned, just set a "session" type cookie - and see if it exists on the next page. A "session" cookie by definition is a regular cookie, but without an expiry date or path/domain information attached to it. When a cookie is set like this, then it is not stored on the user's harddrive, cannot be transmitted to any other site (except the site that issued the cookie) and only exists in memory - until the user closes the original window that set the cookie. After this point, the cookie information is purged, thus a "safe" cookie. You can use JavaScript or Witango to set the Cookie, give it a known name like "cookiecheck" and a known value like "checking" - if the cookie and value is not present on the next page click, then session-cookies must be disabled by the user, at which point: display instructions to the user. No additional ActiveX or other software is required. This logic works for any web development platform that supports cookies. Hope this helps. Cheers.... -----Original Message----- From: "Ben Johansen" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Date: Wed, 13 Oct 2004 09:33:45 -0700 Subject: RE: Witango-Talk: Cookies > You can set a cookie and do a quick page redirect and the end user will > not > have to do any action. > > Ben Johansen - http://www.pcforge.com > Authorized Witango & MDaemon Reseller > Available for Witango Developement > > > -----Original Message----- > From: Rick Sanders [mailto:[EMAIL PROTECTED] > Sent: Wednesday, October 13, 2004 9:26 AM > To: [EMAIL PROTECTED] > Subject: Re: Witango-Talk: Cookies > > > Hey Steve, > > The only way you can do it is to grab an Active X object, and install > it to > the user's browser "Downloaded Prrograms" folder. Then, the Active X > control > > can read the user's settings and send the results back to you. > > Since it's an individual setting per user, you have to have something > on the > > client's machine to tell you if cookies are disabled or not. > > You can check for the existance of the cookie on a page following the > one > you assigned the cookie as a work-around. But, unless the user changes > the > page, you won't know. > > From your original post, I understand that you don't want to use the > <@USERREFERENCEARGUMENT> in your links for fear of a search engine > spidering > > that link. > > I have the <@USERREFERENCEARGUMENT> tag in my links, and fairly high > search > engine rankings in different engines. However, none of the search > engines, > including Google has spidered the session ID: > http://www.google.ca/search?hl=en&q=webenergy&meta > > Rick Sanders > > > > Thanks for all the comments guys. I was thinking along the lines of > Scott. > > > I > > was wondering if there was a way to check to see if cookies were > enabled. > > I > > was just going to let them know and not let them continue until > cookies > > were > > invoked. > > > > How would this affect search engine spiders? Maybe I need to let them > > continue (and just notify them that the shopping cart will not retain > > their > > selections) or the spiders will not get their work done. Any > comments? > > > > I like the idea of providing instructions for them. > > > > Now I need to figure out how to check for cookies. Thanks Ben for the > > link. > > > > Thanks > > > > Steve > > > > -----Original Message----- > > From: John McGowan [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, October 13, 2004 8:25 AM > > To: [EMAIL PROTECTED] > > Subject: Re: Witango-Talk: Cookies > > > > > > Listen to Scott on this one. If you can educate just one user that > > turning session cookies back on isn't going to blow up their computer > or > > get their credit card stolen then our society becomes one step closer > to > > nirvana. > > > > If you were an auto dealer and a customer brought their car in and > said > > they didn't "like to have the battery plugged in", but wanted to know > > why they couldn't start their car, would you install a hand crank > for > > them to start their car? > > > > I know... It's a weak analogy... :) > > > > /John > > > > Scott Cadillac wrote: > > > >>Hi Steve, > >> > >>If you recall, the point and the conclusion on that long discussion > was > > "security" - if a user > >>has session-cookies disabled, then so be it. Just display a message > >>telling > > them to turn it > >>back on before allowing them to proceed (provide instructions). > >> > >>This is the most secure way to handle session management for any web > > platform (SSL is a > >>different matter). > >> > >>The issue is about security - why compromise security for user > >>convenience. > > Giving them > >>convenience now just delays more serious problems until a later date. > >> > >>---- > >>Yes, additional user variables may be assigned on the Server because > of > > missing session- > >>cookies. Unfortunately, it is one down-side to pay for better > security for > > your visitors. > >> > >>----- > >>As for testing for cookies, writing a bit of code for this is not > >>difficult > > - but keep in mind > >>there is a different between "session" cookies and regular cookies, > and > > that most every modern > >>browser has settings for both kinds (and that some browsers use > different > > terminology to > >>describe these two kinds of cookies). > >> > >>Hope this helps. Cheers.... > >> > >>Scott Cadillac, > >>XML-Extranet ~ 403-254-5002 ~ [EMAIL PROTECTED] > >>------------ > >>Well-formed Programming in C# ASP.NET, Witango and XML > >>For Hire ~ http://xmlx.ca/forhire > >>------------ > >>IExtranet ~ http://IExtranet.net > >>------------ > >>Weblog ~ http://xmlx.ca > >>Forums ~ http://forums.xmlx.ca > >>Knowledge Base ~ http://kb.xmlx.ca > >>------------ > >>P.O. Box 69006 > >>RPO Bridlewood SW > >>Calgary, Alberta > >>Canada T2Y 4T9 > >> > >> > >> > >>-----Original Message----- > >>From: "Fogelson, Steve" <[EMAIL PROTECTED]> > >>To: "Witango User Group (E-mail)" <[EMAIL PROTECTED]> > >>Date: Tue, 12 Oct 2004 15:40:48 -0500 > >>Subject: Witango-Talk: Cookies > >> > >> > >> > >>>I have built my shopping cart application without <@userreference> > tag > >>>at > >>>the end of each url. It seemed after all the discussion about a year > >>>ago > >>>that this was the way to go. Especially with search engine spiders > and > >>>hijacked sessions. > >>> > >>>I talked to one of our online customers today and discovered that he > >>>was > >>>being assigned a new session id every time he added an item to his > >>>cart. > >>> > >>>I'm trying to figure out a strategy for handling customers that have > >>>disabled cookies, besides requiring them to sign in when entering > the > >>>site. > >>> > >>>Is there a way to check to see if they have cookies disabled? > >>> > >>>Any ideas on how to handle customers that have disabled cookies? > >>> > >>>I am also concerned about all the user variables being created for > this > >>>type > >>>of customer. Thanks in advance for your help. > >>> > >>>Steve Fogelson > >>>Internet Commerce Solutions > >>> > >>> > >>>____________________________________________________________________ > ___ > >>>_ > >>>TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf > >>> > >>> > >> > >> > >>_____________________________________________________________________ > ___ > >>TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf > >> > >> > >> > > > _______________________________________________________________________ > _ > > TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf > > > _______________________________________________________________________ > _ > > TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf > > > > > _______________________________________________________________________ > _ > TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf > > > _______________________________________________________________________ > _ > TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf ________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf ________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
