J
John
Ok, so Session is less than desirable, at least that's what I'm always
reading. So what are real, practical alternatives? Querystrings? an
endless chain of hidden form fields??
Here are the things I'm looking for specifically....
1). I need to identify users uniquely as clients in some kind of
maintainable state.
2). I need to track anonymous user page views, etc. I'm guessing
Application level but don't know how to track users individually doing this.
Page views maybe, but not the succession in which they're viewed
Is there a way to do this without Session that isn't a pain in the a#*? Or
is Session just not that bad? I've used it a lot with users that manage
their "own" content but now I need to manage "all" users.
Oh, and how "safe" is Session? I need to know how hackers get into sites
that use the plain old "If userID <> Session("userID").....". Is there a
way that hackers can create their own session and get by this?
Thanks!
reading. So what are real, practical alternatives? Querystrings? an
endless chain of hidden form fields??
Here are the things I'm looking for specifically....
1). I need to identify users uniquely as clients in some kind of
maintainable state.
2). I need to track anonymous user page views, etc. I'm guessing
Application level but don't know how to track users individually doing this.
Page views maybe, but not the succession in which they're viewed
Is there a way to do this without Session that isn't a pain in the a#*? Or
is Session just not that bad? I've used it a lot with users that manage
their "own" content but now I need to manage "all" users.
Oh, and how "safe" is Session? I need to know how hackers get into sites
that use the plain old "If userID <> Session("userID").....". Is there a
way that hackers can create their own session and get by this?
Thanks!