Avatar of Mike Waller
Mike Waller
Flag for United States of America asked on

storing unique ID on user's machines

I know on some sites even with EE that even though I delete my cookies, my login information still gets populated in the login fields.  Is that information being stored in something other than cookies and is there a way to store a single ID string on a visitor's machine other than a cookie when a user visits a site?  Something that would work across all the major browsers and where they user is not entering in field data?  in the registry perhaps or would that require an Active X action?

How about storing in php session versus storing in cookie?

I also host my sites and control the server session.

Any ideas experts?
Web DevelopmentJavaScriptScripting Languages

Avatar of undefined
Last Comment
Badotz

8/22/2022 - Mon
SOLUTION
robasta

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
ASKER CERTIFIED SOLUTION
Member_2_5069294

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
SOLUTION
Mike Waller

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
SOLUTION
Member_2_5069294

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
SOLUTION
Badotz

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Mike Waller

ASKER
yes, but what if the user deletes his cookies from his browser?  then that ID is lost.  What about keeping the browser session open on that visitor?
SOLUTION
Badotz

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Mike Waller

ASKER
that's the rub though .. I don't want the visitor to log in.
Badotz

If you don't persist the token and the user deletes her cookies, how will you re-evaluate the user?

Somehow, somewhere, you'll have to persist the value, methinks.
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
Mike Waller

ASKER
yes, that's why I'm hoping there's a better solution than the cookie.
Badotz

Session variables?
Database?

There isn't much else...
SOLUTION
Member_2_5069294

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Mike Waller

ASKER
good point.  I could store both the ip from the user's machine and drop a cookie and store that unique id on the server.  so everytime the user comes to the site, I do two things..

1) verify the cookie still exists
2) verify that the ip hasn't changed

If the ip hasn't changed but the cookie was removed, I can re-attached the cookie based on the unique ip.  If the ip was changed (dhcp), then update the record in the db for both the cookie data and ip data.

If both cookie was removed and ip changed, I'm screwed :)
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Badotz

You cannot get around the fact that somewhere the user has logged into a website.

Whether or not it is your site is the issue: why are you set against it?
Mike Waller

ASKER
Badotz, I'm not following.  I don't mind the user logging into my site and I'll encourage it.  If the user does not create a profile prior to leaving the site I want to make sure when they return they are seeing what they saw when they first arrived.  make sense?
Badotz

What you desire makes sense, but what you're doing does not. If the user leaves without identifying herself to you, how can you identify her when she returns?

This is not a monologue, it is a dialogue. Betty leaves something with you and from that you can always identify her.

Sorry, but what isn't clear?
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
Mike Waller

ASKER
I understand your point. However, initially I'll need to identify with her machine.  Finding out it's Betty at the keyboard is of course the goal.
Badotz

Ask for her token (or user id/pwd). Check against the database. Problem solved.
Member_2_5069294

@Badotz, checking against the database will resolve the token.  COwebmaster dosen't want the user to have to type anything, and is concerned about identifying them if their IP changes or they delete their cookies.  Using both a cookie and the IP address creates redundancy, if the user changes IP or deletes cookies, they can still be identified by the other method.  Both token and IP would have to be stored in a database, because either might change.
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Badotz

You're relying on unreliables. The IP might change. The cookie might be deleted.

Perhaps your website offers support for a retinal scanner or fingerprint detector, or facial recognition - any of which could improve reliability.

The fact that your storing something in a database doesn't make if foolproof, unique or correct. How can you guarantee identification without knowing something permanent about Betty? Something private that only she knows?
SOLUTION
Badotz

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Mike Waller

ASKER
thanks!
Badotz

No worries - glad to help.
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes