Can I Identify Users/sessions Without Password Protection
The most usual (but browser-dependent) way to do this is to set a cookie.If you do this, you are accepting that not all users will have a 'session'.An alternative is to pass a session ID in every GET URL, and in hiddenfields of POST requests. This can be a big overhead unless _every_ pagerequires CGI in any case.Another alternative is the Hyper-G solution of encoding a session-id inthe URLs of pages returned:http://hyper-g.server/session_id/real/path/to/pageThis has the drawback of making the URLs very confusing, and causes anybookmarked pages to generate old session_ids.Note that a session ID based solely on REMOTE_HOST (or REMOTE_ADDR)will NOT work, as multiple users may access your pages concurrentlyfrom the same machine. Actually I don't think that's been true of Hyper-G since sometimein '96. However, general advances in web server technology, such asApache's mod_alias or mod_rewrite, make it straightforward withoutthe need for CGI.
2009-2016 downloadmela.com. All rights reserved.