Login Design Issue.

Hi folks,

I am working on a database autentication with SQL server. I am wondering there are quite a few people turning there cookies off.
What would be the best approach to setup a login page from a professional point of view and why?

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

hey mathieu,

I've just recently had to do this ASP.NET

They way i went about was to create a database table called SessionIDs (for storing a SessionID, UserID & IsActive) and a table called Users (for storing userid, username, password)

From that you can setup a login page with the following logic.
if (SessionVariable set) && (is valid session)
  // draw Logged in page
else if (SessionVariable set) && (is expired session)
 // draw Login Again Page
else if (post details sent) && (invalid login)
 // draw Login Again Page
else if (post details sent) && (valid login)
 // draw LoggedInPage & Set Session Variables SessionID + Active = 1 in the database.
else (not post details sent)
 // draw default login page

You can make the setup more complex by adding a timestamp for "lastChecked" to the sessionid table so everytime you revalidate it you can check to see if the page has been sitting idle for X number of minutes...

As for the cookie point of view... well theres not alot you can do to force people to use cookies... Perhaps theres a way to check the Internet Browsers Use_Cookie_Status and popup a message advising them to turn on cookies for your site.
mathieu_cuprykAuthor Commented:
I see exactly what you mean and this is a very good approach. But I cannot see a clear picture. Do you have your site up?

Unfortunately not in a publically viewable location, the project I worked on was for a Company Intranet.

I have a logic layout document on my other PC tho for the login system, and I'll put that document in a publically viewable place later tonight and post the URL.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
mathieu_cuprykAuthor Commented:
Sure just email me at macupryk@videotron.ca I would love to see it.
mathieu_cuprykAuthor Commented:
Points increased.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.