Web Site for my Students
Robert Brenstein
rjb at robelko.com
Tue Oct 29 11:11:55 EDT 2013
On 29.10.2013 at 7:33 Uhr -0400 Gregory Lypny apparently wrote:
>Hi Alex,
>
>Thanks for your reply. By 'okay' I meant confirm that the student is
>registered in one of my courses. For my old On-Rev site, I used the
>student ID chopped up and mixed with the Seconds at the time of
>login. I think that is like your third option. It isn't hard to
>create a lookup table. I just thought there might be other aspects
>to using cookies that I might be missing.
>
>Thanks once again,
>
>Gregory
In many countries, using cookies in this way requires explicit
consent from each user, but it I don't know whether this applies to
Canada and whether all your users are in Canada.
Aside from spoofing already mentioned, the question to consider is
how private is student id considered by your institution.
Theoretically, you could remove it (I mean the value of cookie) when
student logs out, but most users just walk out, leaving their id on
the computer. If all users are using only their private computer,
this is fine, but if they also use public computer, that can be an
issue (from another person doing things under that id to someone
finding an id of a specific person).
Robert
More information about the use-livecode
mailing list