Mark Fuller said: > I thought the problem with putting the session ID in the URL is that > the user might copy/paste the URL to others. When they try to use it, > the app would have no way to know it's not the real user? >
Another problem is bookmarks. A user may bookmark a page, but when they come back a couple of days later, the session has expired. They might also email a link to others, and that link may not work for the same reason. ##### CGI::Application community mailing list ################ ## ## ## To unsubscribe, or change your message delivery options, ## ## visit: http://www.erlbaum.net/mailman/listinfo/cgiapp ## ## ## ## Web archive: http://www.erlbaum.net/pipermail/cgiapp/ ## ## Wiki: http://cgiapp.erlbaum.net/ ## ## ## ################################################################
