Hi Guys! We run an Application Service for a collection of group homes. These group homes are manned 24/7 and the staff use our application to clock in and out.
Maybe this wasn't the greatest idea, but I have implemented a system of cookies to track logins and clockins. When someone accesses our server, the CFID and CFTOKEN cookies are set, of course. When someone logs in, the USER_INFO cookie is set. When they log out, the USER_INFO cookie is deleted. In addition, in order to facilitate categorizing the time entries, three cookies are set up on each machine being used to clock in and out of: MACHINE_COST_CENTER, MACHINE_HOURS_TYPE, and MACHINE_LOCATION. The cookies are never deleted in my code - either through JavaScript or using <CFCOOKIE>. Whenever these cookies are missing or not correctly set, an email is sent to me with as much debug information as I can get. The problem I am having is that at different times and at different group homes, someone will not be able to clock in, even though their supervisor set up the machine earlier in the week. And the email I receive reveals that the CFID and CFTOKEN cookies are set, and the USER_INFO cookie is set, but the MACHINE_COST_CENTER, MACHINE_HOURS_TYPE, and MACHINE_LOCATION cookies are missing. I have to do some more research to be sure, but it seems like the only machines that lose some of their cookies are machines tucked away in group homes, not in office settings. What I suspect is that someone on the previous shift is visiting non-work related websites and deleting all the cookies that were modified on their shift. The next person logging in would then recreate all but the machine cookies, but then trying to clock in, would get the error. Questions: 1) Is their a machine-unique identification that can be sent from each browser that cannot be deleted? 2) Is their a way to prevent someone from deleting cookies? I think most of these machines are running Windows 98. 3) Is their a way to catch them in the act? It's possible that, depending on what non-work related websites the staff are visiting, our client would want to know and take appropriate action. Thanx Dave ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
