mathieu_cupryk
asked on
Login Design Issue.
Hi folks,
I am working on a database autentication with SQL server. I am wondering there are quite a few people turning there cookies off.
What would be the best approach to setup a login page from a professional point of view and why?
I am working on a database autentication with SQL server. I am wondering there are quite a few people turning there cookies off.
What would be the best approach to setup a login page from a professional point of view and why?
ASKER
I see exactly what you mean and this is a very good approach. But I cannot see a clear picture. Do you have your site up?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Sure just email me at macupryk@videotron.ca I would love to see it.
ASKER
Points increased.
I've just recently had to do this ASP.NET
They way i went about was to create a database table called SessionIDs (for storing a SessionID, UserID & IsActive) and a table called Users (for storing userid, username, password)
From that you can setup a login page with the following logic.
if (SessionVariable set) && (is valid session)
// draw Logged in page
else if (SessionVariable set) && (is expired session)
// draw Login Again Page
else if (post details sent) && (invalid login)
// draw Login Again Page
else if (post details sent) && (valid login)
// draw LoggedInPage & Set Session Variables SessionID + Active = 1 in the database.
else (not post details sent)
// draw default login page
You can make the setup more complex by adding a timestamp for "lastChecked" to the sessionid table so everytime you revalidate it you can check to see if the page has been sitting idle for X number of minutes...
As for the cookie point of view... well theres not alot you can do to force people to use cookies... Perhaps theres a way to check the Internet Browsers Use_Cookie_Status and popup a message advising them to turn on cookies for your site.