Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: Clear your cookies - sound familar?  (Read 2926 times)

0 Members and 1 Guest are viewing this topic.

electrode

  • Coppermine newbie
  • Offline Offline
  • Posts: 11
Clear your cookies - sound familar?
« on: November 17, 2006, 09:06:20 am »

How many times has advice been offered to "clear your cookies" in order to solve problems?
What other system has these problems?

How about solving the cookie problems once and for all in the next major release?

Personally I think cookies should only be used during the current session and not for storing context between sessions.

Please add an option to set the cookies to expire, or reinitialize the cookies at every logon or session start.

If permanent context (ie., between sessions) is absolutely required, then store it in the database.  What really needs to be kept besides current theme setting and language?

Thanks for considering ... :)


Logged

Abbas Ali

  • Administrator
  • Coppermine addict
  • *****
  • Country: in
  • Offline Offline
  • Gender: Male
  • Posts: 2165
  • Spread the PHP Web
    • Ranium Systems
Re: Clear your cookies - sound familar?
« Reply #1 on: November 17, 2006, 09:12:42 am »

Cookie is the problem only because of improper browser settings. We cannot eliminate cookies and use database for trivial information storage. Storing information in database and retrieving them means making additional database queries on each page which slows down cpg.
Logged
Chief Geek at Ranium Systems

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: Clear your cookies - sound familar?
« Reply #2 on: November 17, 2006, 04:57:36 pm »

Using PHP-sessions instead has severe drawbacks as well. The board would be cluttered with people complaining about session issues instead of cookie issues. Review the threads where supporters recommended to clear the cookies: in all those threads, users have done something they shouldn't have done in the first place (like using invalid cookie names or similar) - those are PEBKAC issues imo.
You're welcome to post actual code that fixes any issues related to cookies. Just proposing to get rid of cookies is similar to asking to release bug-free software.
Logged

electrode

  • Coppermine newbie
  • Offline Offline
  • Posts: 11
Re: Clear your cookies - sound familar?
« Reply #3 on: November 17, 2006, 07:22:15 pm »

Hi Stramm. Not suggesting to get rid of cookies. Absolutely necesary to efficiently carry context between pages within a session.

For many situations, the same PC is used by different users accessing the same or different cpg sites, often with the same default cookie prefix, perhaps even at the same time. And the same user can use different PCs, perhaps even at the same time.

Once the user logs off, then the cookie context should be redundant, and at next log on cookies reinitialized.

For non-members no context should held between sessions.
Am I right that this suggestion only presents small complications because of non-members?
Even so, if a new browser session is started, then cookies could be reinstated. 

I might look at trying this once I know my way around the code a bit better.

For members, what other context would need to be stored between sessions besides current theme and language?
« Last Edit: November 18, 2006, 02:49:28 am by electrode »
Logged
Pages: [1]   Go Up
 

Page created in 0.016 seconds with 20 queries.