Announcement

Collapse
No announcement yet.

Browse Boards With Cookies Option

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Browse Boards With Cookies Option

    I've noticed that all new Registrations automatically default to NOT browse boards with cookies. Is this good or bad? What would be the preferred method of viewing the forums?
    Rob

  • #2
    in general, users should browse the board with cookies. if they don't the information normally extracted from the cookies, including username and password, will be passed along in the URL itself. this means that someone going through your browser's history file could extract your username and password.

    also, not using cookies may cause problems for some users using proxy servers.

    if you want to the default value to be on, not off, it's an easy fix:

    1) go into your admin
    2) choose 'Templates -> Edit'
    3) choose 'Expand List'
    4) scroll down until you find the template 'registeradult'
    5) click 'change original'
    6) in the template scroll down until you find the part 'Browse board with cookies?'
    7) immediately below that are two input fields, and in your case the 'no' option is checked
    8) remove the word 'checked' from the input line for 'no' and add it to the input line for 'yes' like so:
    Code:
    <INPUT TYPE="RADIO" NAME="nosessionhash" VALUE="yes" checked>
    9) click on 'Submit' and you're done.

    from that point forward any users who register will have that option checked by default. note they will still have the option of overriding that value if they uncheck it. you can force everyone to have that value set to 'yes' by getting rid of the question on the registration form altogether and submitting it as a hidden field instead, like so:

    Code:
    <INPUT TYPE="hidden" NAME="nosessionhash" VALUE="yes">
    that way the field is not editable, and therefore cannot be overriden by the registrant. if you go that route, remember to do the same for the modifyoptions page as well.

    good luck!

    Comment


    • #3
      Originally posted by tweakboy
      in general, users should browse the board with cookies. if they don't the information normally extracted from the cookies, including username and password, will be passed along in the URL itself. this means that someone going through your browser's history file could extract your username and password.
      That isn't true in vBulletin. Username/password are *not* passed via the URL.

      In vB 1.1.x it did, however the password was crypted .

      In vB2x, neither username nor password are parsed through the URL, but instead the BB uses sessionhash.

      Comment

      widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
      Working...
      X