Almost any Web server can handle this, going back to the dawn of time (well, whenever CGI was invented – 1993?) but I’ve not heard of using LiveCode as (or embedded in) a Web server. Can you point me to any documentation about that?
As far as sessions vs long-lived cookies, yes, that’s a good way to handle something where you really want to ensure that the user is who she says she is. You can set a session cookie to expire on browser close, or even after a period of inactivity. All that a cookie can tell you is that the computer is the same from one session to the next, and in a shared computing environment like a school, it’s not a very safe assumption that it’s the same user AND computer.
Your students will need to log in at the beginning of each session, but then will be able to navigate from page to page as long as they don’t close their browser window (on Windows or Chrome) or quit their browser (on other Mac browsers).
Honestly, if I were you, rather than running this off your Mac (which will have to remain on and connected to the net 24/7) I would take a serious look at an open courseware application like Moodle (which is free, open source software). You install this on a normal commodity Apache server, and the whole thing is designed to do what you want to do from the ground up – logins, sessions, homework uploads, etc. Unless you want the experience of building this application, which I wholeheartedly endorse, I would steer clear of trying to do this yourself. There are stiff laws around student privacy that you could unintentionally run afoul of, and there are simple programming mistakes that you could make which might expose personal information and expose you to personal liability as well. I carry 2 million dollars of professional liability insurance for just this sort of thing.
Walter
On Dec 4, 2013, at 10:47 AM, Gregory wrote:
Hello everyone,
I’m creating a website for my students. It will be run off my Mac. Students will be able to upload assignments and submit their answers to quizzes and such. I’m doing the server-side scripting using LiveCode.
I will have a sign-up page that lets students create an account by entering their student ID and choosing a password. What I want to do is remember the student on each page that they visit after signing in so that they do not have to re-enter their ID and password when they submit homework. That can be done using cookies, but I’ve been told that cookies are now frowned upon, and that it is preferable to track visitors on the server side using a unique, randomly-generated session ID. Does anyone have a general strategy for doing this? It has been suggested to me that I use POST on every page in combination with a hidden field that contains the assigned session ID. Whenever the student clicks a navigation link, the link executes the POST, which sends the session ID from the current page and is validated by the server (LiveCode). If valid, the session ID is inserted into the hidden field on the destination page. Does that sounds reasonable? Is there a better way? Any thoughts wo
uld be m
uch appreciated.
Regards,
Gregory
freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options
freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options