POV-Ray: Newsgroups: povray.off-topic: As if we didn't have enough to worry about...: Re: As if we didn't have enough to worry about...

POV-Ray : Newsgroups : povray.off-topic : As if we didn't have enough to worry about... : Re: As if we didn't have enough to worry about...		Server Time 1 Oct 2024 15:21:48 EDT (-0400)

From: Darren New
Date: 4 Apr 2008 23:29:09
Message: <47f70015$1@news.povray.org>

Nicolas Alvarez wrote:
> With cookie-based login, the "something" to expire is the session data 
> stored in the server and identified by the session ID stored in the 
> cookie. Even if the client doesn't expire the cookie, the server 
> wouldn't accept the session ID anymore once the session expires.

Exactly. Hence, there's no real need for the cookie to do anything in 
order to "log out" or "expire the session" of the user, am I right? If 
the user comes back to a deep page with a valid login, bounce them to 
the top-level page that says "Your session has expired, please start over."

Then there's sites like (say) Facebook, where you're contractually 
obligated to have only one login, so having a "logout" button makes no 
sense to start with. :-)

> I would use it. I'm just arguing it's not "perfectly good", like you 
> said in your first post.

That's fair enough, yes. In part because the browsers don't support it. 
It's perfectly good for the process of logging someone in. What's not 
perfectly good is lame browser support. :-)

-- 
   Darren New / San Diego, CA, USA (PST)
     "That's pretty. Where's that?"
          "It's the Age of Channelwood."
     "We should go there on vacation some time."

Post a reply to this message