rossmcm
Programmer
- Jun 28, 2000
- 16
I have an ASP/Jscript site that uses session variables to remember a users login name and password. I also store these in cookies so the user can get logged in silently when they return.
Occasionally, the session variables get trashed. One moment they are fine and the next they are filled with junk. Sometimes the junk is unrelated to my site, and sometimes it's a querystring or posted data, but it's generally always recognisable as text of some sort. I have kludged around it my checking that the session variable and cookie contents agree, and forcing a login if they aren't, but it's ugly. I'd like to know if it's happening.
I'm thinking, why use session valriables at all, and just rely on cookies.
Occasionally, the session variables get trashed. One moment they are fine and the next they are filled with junk. Sometimes the junk is unrelated to my site, and sometimes it's a querystring or posted data, but it's generally always recognisable as text of some sort. I have kludged around it my checking that the session variable and cookie contents agree, and forcing a login if they aren't, but it's ugly. I'd like to know if it's happening.
I'm thinking, why use session valriables at all, and just rely on cookies.
