Web Site for my Students

Robert Brenstein rjb at robelko.com
Tue Oct 29 11:11:55 EDT 2013


On 29.10.2013 at 7:33 Uhr -0400 Gregory Lypny apparently wrote:
>Hi Alex,
>
>Thanks for your reply. By 'okay' I meant confirm that the student is 
>registered in one of my courses. For my old On-Rev site, I used the 
>student ID chopped up and mixed with the Seconds at the time of 
>login. I think that is like your third option. It isn't hard to 
>create a lookup table. I just thought there might be other aspects 
>to using cookies that I might be missing.
>
>Thanks once again,
>
>Gregory

In many countries, using cookies in this way requires explicit 
consent from each user, but it I don't know whether this applies to 
Canada and whether all your users are in Canada.

Aside from spoofing already mentioned, the question to consider is 
how private is student id considered by your institution. 
Theoretically, you could remove it (I mean the value of cookie) when 
student logs out, but most users just walk out, leaving their id on 
the computer. If all users are using only their private computer, 
this is fine, but if they also use public computer, that can be an 
issue (from another person doing things under that id to someone 
finding an id of a specific person).

Robert




More information about the Use-livecode mailing list