I talked with Tareth earlier about the problem I've been having at the site. (Btw Tareth, everything is working fine on my Laptop) On my desk top, I can log in...but when I switch around in the forums I have to re-enter my login information. Plus, when I try to post...it says that I'm not allowed and sometimes when I try to read a post, it tells me that the post I am trying to view does not exist. Tareth says it might be that my computer is not recognizing the cookies.
Anybody have a fix for that? I've checked all my settings and nothing seems out of the ordinary. And as I said, on my laptop it's all hunky-dory.
Logging in/Posting/Reading Posts
Moderator: Staff
-
NickOvTyme
- Proven Adventurer
- Posts: 210
- Joined: Wed Mar 31, 2004 7:12 pm
-
Altara d'Poison
- Adventurer
- Posts: 146
- Joined: Tue Feb 10, 2004 10:06 pm
- Location: Etherally everywhere
The forums are dependent on cookies for them to work correctly. I havent heard of anyone else having this\these issues yet so lets see if we can get you fixed up.
First...what OS is on the laptop and the desktop?
Here is some insight on how things work...may help explain the problem and knowing is half the battle...
The forums use sessions to keep track of users as they move between pages. The session information tells us who this user is. Therefore in order to determine what a user can do on a page we first need the session details. Once this data is available we can check whether the user is permitted to do whatever it is they are trying to do. This can result in it appearing as if a user is reading a topic in a forum they should not be able to access. Or perhaps viewing private messages when they are only guests, etc. In practice the user is not doing these things, they are viewing a "You are not permitted to do this" type message. The session data has simply been updated before we were able to determine what the user could or could not do.
They also use sessions to keep track of users as they browse the board. These sessions use a combination of a unique session id and the users IP to identify each user. We make use of the IP as an extra safe-guard to help prevent sessions being hijacked (by discovering the unique session id).
Unfortunately this only works when the users IP is constant as they browse the board. For most users this will be the case. However certain providers route their users via a cluster of proxys. In some cases, particularly AOL this results in different IPs being forwarded as the user moves between pages. We take account of this by not checking the entire IP but only the first "three quads". Again in most cases this will be fine. However again AOL uses IPs which can vary so much that checking only the first two quads results in a fairly static IP being available for session validation.
Now this may not exactly be the problem you are having but it sounds close to the right path . Contact me on Aim if you get a chance and I will try to get you to rights..
Altara
First...what OS is on the laptop and the desktop?
Here is some insight on how things work...may help explain the problem and knowing is half the battle...
The forums use sessions to keep track of users as they move between pages. The session information tells us who this user is. Therefore in order to determine what a user can do on a page we first need the session details. Once this data is available we can check whether the user is permitted to do whatever it is they are trying to do. This can result in it appearing as if a user is reading a topic in a forum they should not be able to access. Or perhaps viewing private messages when they are only guests, etc. In practice the user is not doing these things, they are viewing a "You are not permitted to do this" type message. The session data has simply been updated before we were able to determine what the user could or could not do.
They also use sessions to keep track of users as they browse the board. These sessions use a combination of a unique session id and the users IP to identify each user. We make use of the IP as an extra safe-guard to help prevent sessions being hijacked (by discovering the unique session id).
Unfortunately this only works when the users IP is constant as they browse the board. For most users this will be the case. However certain providers route their users via a cluster of proxys. In some cases, particularly AOL this results in different IPs being forwarded as the user moves between pages. We take account of this by not checking the entire IP but only the first "three quads". Again in most cases this will be fine. However again AOL uses IPs which can vary so much that checking only the first two quads results in a fairly static IP being available for session validation.
Now this may not exactly be the problem you are having but it sounds close to the right path . Contact me on Aim if you get a chance and I will try to get you to rights..
Altara
-
DUEL Nick
Who is online
Users browsing this forum: No registered users and 0 guests