By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
425,606 Members | 2,016 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 425,606 IT Pros & Developers. It's quick & easy.

Secure Page/Reg/Login Process Flow

P: n/a
Which of these scenarios is better:

A
--

User Registers and is returned to the login screen to test his new username
ie (email address). A login script checks user name against database.
and asigns him a cookie id with an expiration date 30 days in the future
from Date(Now). He is automaticaly redirected to his initial requested
target URL.

B
--
User registers and is immediately sent to the Page he initially requested.
At the registration page a cookie is also initialized with an expiration
date and his prospsect database id.
A? or B?

Secure Page
-------------
Test for cookies Enablment/Turned On

(Yes)
If cookie present, test for Cookie Prospect ID.
No - Send back to login page
Yes - Depost Current URL in the UserPath table...Now let him view page

(No)
1. A. Send User to [A] Login Screen and force him to login.

Or

2. Inform him he can go no further until he enables cookies.

Sorry if this seems obvious, but I am concerned about where I place the
burden of the database code (sql server Sps) and where exactly I should
initialize the cookies and what I should do exactly to degrade appliation if
user does not have cookies.

Thanks
Jason


Jul 19 '05 #1
Share this question for a faster answer!
Share on Google+

This discussion thread is closed

Replies have been disabled for this discussion.