I noticed this non-critical buglet ...

If user log in with cookies disabled, they still get a "User Login Successful" page, with Logout as a menu option.

Is there any way either:
a) to disable login if cookies are disabled
or
b) force session information through the URL if user_sessions are set to Cookies, but cookies are not available.

Hello,

I also have this problem. I'm discovering that many of my users don't have cookies on and don't know how to turn them on.

Any ideas.
peace.
kyle

You can't turn them on :) ...its a browser setting.

I use the following:


Then you can put the following in the form tag:

onsubmit="return check();"

Well, I just did this and it appears to be working.

It does require a change in Authenticate.pm and it will set the sessionid into the url regardless if the user has cookies on or not, but if the user has cookies turned on and is logged in and clicks a url without the sessionid in the url, it will still let them in.

changed:
if ($CFG->{user_sessions} eq 'Cookies') {
my $session_cookie = $IN->cookie ( -name => 's', -value => $session_id, -path => '/' );
if ($url) {
print $IN->redirect ( -force => 1, -cookie => [$session_cookie], -url => $url );
$redirect = 1;
}
else {
print $IN->header ( -force => 1, -cookie => [$session_cookie] );
}
}

to:
if ($CFG->{user_sessions} eq 'Cookies') {
my $session_cookie = $IN->cookie ( -name => 's', -value => $session_id, -path => '/' );
if ($url) {
#this if statement accommodates users without cookies turned off.
if (! ($url =~ s/([&\?]s=)([^&])/$1$session_id/)) {
$url =~ /\?/ ? ($url .= "&s=$session_id&d=1") : ($url .= "?s=$session_id&d=1");
}

print $IN->redirect ( -force => 1, -cookie => [$session_cookie], -url => $url );
$redirect = 1;
}
else {
#the next two lines accommodate users with cookies turned off.
$IN->param ('s' => $session_id);
$IN->param ('d' => 1 );
print $IN->header ( -force => 1, -cookie => [$session_cookie] );
}
}

Hope this helps others.