|
|
Posted by Sanders Kaufman on 10/30/07 20:15
"Michael Fesser" <netizen@gmx.de> wrote in message
news:tn3fi3tjpg9pqbruj2ef89poavflq33un8@4ax.com...
> .oO(macca)
>
>>dont use cookies. They are not secure and some people have cookies
>>turned off in their browsers. Use sessions instead.
>
> Sessions:
>
> 1) don't work here, as said
> 2) usually also use cookies (the SID can also be part of the URL, but
> then it's even more insecure than the cookie)
That's like saying chicken is a dangerous meat - simply because it contains
live salmonela.
In fact - it's healthier and safer than other meats.
Handled well - cookies are safe, too.
It's totally OK to use cookies to remember site preferences - screen size,
number of columns, etc.
And even to re-greet a returning user.
But then, when they try to do anything secure - ask for login creds.
Zend.com seems to do it this way.
Navigation:
[Reply to this message]
|