best way to handle sessions

Results 1 to 2 of 2

Thread: best way to handle sessions

  1. #1
    Join Date
    Dec 1969

    Default best way to handle sessions

    I an creating a secure site. This is how I&#039;ve done it.<BR><BR> - global.asa file - on session start, redirects to logon page if session("status") variable is null or 0.<BR> - login page - validates the username/password and if successful, creates session("status") variable with the value of the logged in person&#039;s id in the SQL database.<BR> - used include page on every secure page to check that session("status") is not null or 0. If it&#039;s null or zero, it redirects to the logon page.<BR><BR>I&#039;ve tested it will all the pages that are to be secured and it works fine - that is the page will not display unless the person has authenticated and their unique id is stored in the session variable. The site will not be getting a large amount of traffic, but for future reference, I just want to see if this is an effective way of handling this. I&#039;m new to tracking sessions and it seems like a good way to me.<BR>I&#039;ve heard session variables can be a hog on resources if overused, but this doesn&#039;t seem that bad.

  2. #2
    Join Date
    Dec 1969

    Default Your fine...

    stick with what you&#039;ve got. That is a fairly common method for managing login status.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts