Application, Session OR cookie??

Results 1 to 2 of 2

Thread: Application, Session OR cookie??

  1. #1
    Join Date
    Dec 1969

    Default Application, Session OR cookie??

    I am storing an ID number of a user, which would be the safest storage application, session or cookie, so if a user chooses another wed site then goes back to mine I can use the variable to check for the id in my database??<BR><BR>which one does anyone think?

  2. #2
    Join Date
    Dec 1969

    Default You can't store it in Application... any reasonable fashion, so we can forget that one.<BR><BR>And cookies are inherently unsafe, since it would be easy for a browser spoofer to supply you with a bogus cookie.<BR><BR>So you get to use either a Session variable or a DB field. Now *both* of those would in turn depend upon a cookie (the Sesssion.SessionID cookie value--see the ASPFAQs), but at least that&#039;s an encrypted cookie and is assigned in such a way that a spoofer would have a hard time finding a valid one at some other point in time.<BR><BR>

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts