Login theory

[user-7256]

Hey,

Suppose I want to allow a user to save settings without having to register or login (for a web 2.0 project) - theoretically, can this be done with PHP?

I could save a cookie, save some tracking info in the database and then recall the cookie info? (Save info in DB also, just in case cookies are erased.)

But, what if they clear their cookies and their IP changes?

How can I do this?

Thanks,
-Matt

 

[nathanjacobs]

It wouldn't be that practical but along with the cookie you can also generate a unique id, and allow them to do anything they want to the data using that number as a sort of access code on a URL.

i.e.

http://www.whatever.com/edit.php?unid=8r5yrT4p93G5hc

Then pull from the db i.e.

select * from tablename where unid = '$_GET[unid]'

Etc etc.

 

[user-7256]

So a long ID to identify the user? Hmm... and no password, too cumbersome:

h3jy5923515-acolq2d-39lslaeibn3-a19512

And just have it saved somewhere... I guess that could work. Anybody else care to offer their suggestions?

 

[The_Inferno]

Mhmmm I can't thing of any myself I would go with the previous posters advice.

 

[moondog]

You can only do what you want with cookies. Without a login, there is no way to store and retrieve info uniquely.

So, you set the cookie, then you read it. If the user clears their cookies, the info will be lost.

Storing the stuff in a database is useless too, because if they clear the cookies, then you are in the same boat as before.

If you want to store things indefinitely, then you MUST use a login and store the info in a DB.

Regards,

-Bob

 

[axilant]

The only websites that can do this if they use activeX. To identify there microsoft id ect... and will only work with internet explorer/windows os.

You will need a server that supports asp or asp .net (doesnt matter, both can do it).

I belief Java Sun has some type of technology to do this as well, but im not sure...

 

[user-7256]

ah ... good idea Axilant, unfortunately, I am trying to stick with PHP I know there's a way, I'm working on it, many thanks for all your help! ^_^

 

[axilant]

It cannot be done with php without loosing the information... you could use there ip address to a database, agian, it will not work with dial up users.

 

[Wybe]

Hmm... and no password, too cumbersome

If you want it to be secure, you've got to use a proper login system, because a password is all about being secure and making sure only one person can reach his/her preferences, information or whatever.

 

[stscac]

Why are you trying to avoid using cookies?

-Steve

 

[gamex]

The only thing I can think of (I belive someone mentioned it) would be to have them save their info under a unique ID you generate, which could be a random 10 digit number or whatever, that you store in the database. This could also be written to a cookie and then emailed to the user. The user could then click on the link on the email, or enter the code into the website to get their info back. If the come back to the website and havent deleted the cookie, they would also be able to get their info back as well.

Have you ever used easybib.com? Thats one website I can recall where you can create bibliographies, and they give you a unique reference number on the page and via email which you can enter to retrive your biblography in the future; you dont need to create a login account (last time I checked). They may also set some cookie so you dont have to enter that info in if you visit the site soon after the info was saved.

The only way to put info on a persons computer is a cookie (or activeX i believe), if there was anything else you could to, it wouldnt be secure at all.