[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnumed-devel] choice of web frameworks

From: lkcl
Subject: Re: [Gnumed-devel] choice of web frameworks
Date: Mon, 12 Jul 2010 15:45:41 -0700 (PDT)

Sebastian Hilbert wrote:
> Am Montag 12 Juli 2010, 20:11:34 schrieb lkcl:
> My thoughts were like this. Couldn't one connect to the database with the 
> credentials supplied (kind of global=personal)? If the connection is 
> successful check for the cookie.

 ... but... the whole point is that "successful check for the cookie"
usually requires some sort of database connection, because usually the link
between session cookie and user credentials is stored in a SQL database.

 and remember that on each and every single HTTP request, you have _no_ idea
who they are (except via that cookie).

 so, yah, you _could_ use some random person's credentials to connect to the
database, just to get to the table storing the link between cookies and the
_real_ credentials but that's like.. eughh.

 and what happens when there is nobody logged in??  which credentials do you
use then?? because there aren't any!!

 it's a complete nightmare, one _entirely_ of your own making :)

 fortunately i'm done already with the cooperative multitasking http server.

View this message in context:
Sent from the GnuMed - Dev mailing list archive at

reply via email to

[Prev in Thread] Current Thread [Next in Thread]