If the browser disables cookie, in that case how can we achieve the result(without creating cookies)?
"If I'm not telling you, in that case how can you answer(without guessing)?"
Well, shooting into your general direction: encode the session key into the URL.
--shmem
_($_=" "x(1<<5)."?\n".q·/)Oo. G°\ /
/\_¯/(q /
---------------------------- \__(m.====·.(_("always off the crowd"))."·
");sub _{s./.($e="'Itrs `mnsgdq Gdbj O`qkdq")=~y/"-y/#-z/;$e.e && print}
| [reply] |
If you are trying to maintain state without using cookies, one way would be to use hidden fields. If you choose to use them, keep sensitive data on the server side. If you put data other than a session key in hidden fields, it may then be a good idea to generate a salted hash of the data you will be sending to the browser in hidden fields, put that hash in a hidden field, too, and then regenerate the hash when the data comes back to you with the next click and check it against the incoming hash. | [reply] |
The problem with hidden fields is that they don't get sent to the server when following links, only when submitting a form. There is a JavaScript workaround, but if the user is blocking cookies, he could very well be blocking JavaScript too.
The alternative is to attach the state info to every link on the page (e.g. http://example.com/page.html?s=1735273725117325), but that can make it hard for users to share URIs safely. You could bind the session to an IP address, but that would prevent some users from accessing your site.
| [reply]
[d/l] |
Print a big red warning message for the user to enable cookies in their browser, explaining that your site won't work if they don't (and then make sure it really doesn't work). Possibly include instructions for the major browsers.
| [reply] |
What result? Where is the Perl content in the question?
DWIM is Perl's answer to Gödel
| [reply] |
