Secure Page/Reg/Login Process Flow

G

Guest

Which of these scenarios is better:

A
--

User Registers and is returned to the login screen to test his new username
ie (email address). A login script checks user name against database.
and asigns him a cookie id with an expiration date 30 days in the future
from Date(Now). He is automaticaly redirected to his initial requested
target URL.

B
--
User registers and is immediately sent to the Page he initially requested.
At the registration page a cookie is also initialized with an expiration
date and his prospsect database id.


A? or B?

Secure Page
-------------
Test for cookies Enablment/Turned On

(Yes)
If cookie present, test for Cookie Prospect ID.
No - Send back to login page
Yes - Depost Current URL in the UserPath table...Now let him view page

(No)
1. A. Send User to [A] Login Screen and force him to login.

Or

2. Inform him he can go no further until he enables cookies.

Sorry if this seems obvious, but I am concerned about where I place the
burden of the database code (sql server Sps) and where exactly I should
initialize the cookies and what I should do exactly to degrade appliation if
user does not have cookies.

Thanks
Jason
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top