Sessions Storing Cookies?!

[noellees1]

Hi,
I am relitively new to CFM however i am now building a web hosting control panel for my friends and i.
We have run into a problem that when a user logs in a session is stored as in <cfset session.user_id=#verifyuser.user_id#>
and we re call this code throughtout the application.
Now the problem lies that a user i know who is hot on security runs firefox (as do i) but has his security settings high.
He cannot log into our system with cookies disabled now dont flame me if i am being really dumb but is a session sorted in a cookie? I thought all the url tokens were the sessionid.
But i am probably very wrong, if so can i do anything about the problem with him not being able to log in without cookies and also java enabled?
Cheers


Hope this helps,

http://www.spano.co.uk

http://www.spanoweb.com

http://www.stowrepair.co.uk

http://www.radiostow.co.uk

http://www.stuckforhosting.co.uk

 

[webmigit]

I run a site where privacy and security of private information is a high concern of my users... they have their cookies disabled to the fullest extent.. And I run into the same problem.. I've found that giving some cookie access is the only way the user can use my session enabled site.

The major browsers (probably any browser) handles session data in much the same way as cookies.. If a browser can't use a cookie it can't use a session.

The same goes for firewalls.. I use zonealarm on light settings but I have to constantly argue with the boss that he can't keep turning his ZA settings on high..

ALFII.com

http://www.alfii.com

---------------------
If this post answered or helped to answer your question, please reply with such so that forum members with a similar question will know to use this advice.