Posted by StevePBurgess on 09/28/32 11:36

I have a website that authenticates users and then allows them to visit
member only parts of the site.

The authentication uses cookies. When the user has logged in and the
script has satisfied itself that the username and password are correct
(comparing against a MySQL table), the following session script is run:

session_start();
session_register('sname','slevel','semail','stime','sadminlevel');
$sname = *real name of user*
$slevel = *their membership level*
$semail = *their email address*
$sadminlevel = *there administration level*
$stime = *the time they logged in*

the time information is also stored in the mysql table along with an
"expires" time so that their session can be cancelled if they leave
their computer unattended for a specified period. The session is
started on every page so that the above session variables are available
to scripts while the session is valid.

This all works perfectly - except on computers with cookies turned off.
A large number of members now have desktop access at their workplace
and want to use the site at work - but they all have cookies switched
off on their desktops and cannot change this setting.

Is there a way of

1) recognising that cookies are disabled
2) if they are, implementing a different way of maintaining sessions?

Any help would be very gratefully received.

Steve

[Back to original message]