Announcement

Collapse
No announcement yet.

why two cookie options?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • why two cookie options?

    Why are there two options for cookies, one for the login and one for browsing? Aren't they basically the same thing? And why does the second option default on no?

    The two options show:

    Automatically login when you return to the site? (uses cookies) yes no


    Browse board with cookies?
    Clicking yes will use cookies to keep your id for this session. Clicking no will send it through the links. (Selecting no may cause problems when sharing links with people behind the same proxy as you)

    ===================

    If the member chose yes on the second option, would this create additional queries and use more resources from our server? What is the benefit of having this default at no, if it could potentially cause problems for some users?

  • #2
    Originally posted by grumpy
    Why are there two options for cookies, one for the login and one for browsing? Aren't they basically the same thing? And why does the second option default on no?

    The two options show:

    Automatically login when you return to the site? (uses cookies) yes no


    Browse board with cookies?
    Clicking yes will use cookies to keep your id for this session. Clicking no will send it through the links. (Selecting no may cause problems when sharing links with people behind the same proxy as you)

    ===================

    If the member chose yes on the second option, would this create additional queries and use more resources from our server? What is the benefit of having this default at no, if it could potentially cause problems for some users?
    No they are not basically the same thing. One holds your password and the other holds your sessionhash. If the second is set to no and two or more people are browsing through a proxy server using the same IP and browser, there could be problems with them logging in or being able to use the system. Setting it to yes hides the sessionhash in a cookie on the user's machine and keeps the proxy server from getting confused.

    It creates no additional queries and the only added resources involved might include the additional HTTP headers for the cookie but these are so negligible as to be non-existant.
    Translations provided by Google.

    Wayne Luke
    The Rabid Badger - a vBulletin Cloud demonstration site.
    vBulletin 5 API - Full / Mobile
    Vote for your favorite feature requests and the bugs you want to see fixed.

    Comment


    • #3
      Originally posted by wluke


      If the second is set to no and two or more people are browsing through a proxy server using the same IP and browser, there could be problems with them logging in or being able to use the system. Setting it to yes hides the sessionhash in a cookie on the user's machine and keeps the proxy server from getting confused.

      Thanks for the reply! It sounds like the default for the second option should actually be 'yes' but it defaults at no. Is there a reason for this or am I looking at this the wrong way?

      Comment


      • #4
        If it were set to yes, people without cookies enabled would not be able to register properly.
        Translations provided by Google.

        Wayne Luke
        The Rabid Badger - a vBulletin Cloud demonstration site.
        vBulletin 5 API - Full / Mobile
        Vote for your favorite feature requests and the bugs you want to see fixed.

        Comment


        • #5
          IS THERE ANYWAY TO MAKE IT FOR ALL USERS AUTOMATIC TO YES ALL TO OPTIONS???

          i hate that many dudes are reporting me that they have the same proxy and now the wrong username is shown!!!!!!!!!!!!!! what tha **** is that ;-( please help me and i think its better when you delete this option out of VBB2 there are only problems with it!!!!!!!

          Comment


          • #6
            yes, make it a hidden option...

            <input type="hidden" name="nosessionhash" value="yes">

            Comment


            • #7
              UPDATE tablename SET fieldname='value';

              UPDATE user SET nosessionhash=1;

              Comment


              • #8
                ed > true, but a temporarily solution

                making it a hidden option in the registrationform and option-form will do the trick (provided all users havent set it to yes allready, then you have to execute the queries Ed provided first)

                Comment


                • #9
                  Originally posted by Mas*Mind
                  ed > true, but a temporarily solution
                  Yeah, actually I meant in conjunction with yours.

                  Comment


                  • #10
                    ok first thx for your answer but i´m a newbee where must i edit that????

                    Comment


                    • #11
                      Charon seen as no one has answered you question yet I'll try:

                      Go to edit Templates in your admin area, then edit registeradult.

                      Hope that helps you or anyone else who may have the same problem another time.

                      Comment


                      • #12
                        thx dude i found it already ;-)

                        Comment

                        widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                        Working...
                        X