1

I'm using Rails 3 for my website. I have cases where my site users have blocked my site from storing cookie data in their browser.

I have a public part of my web site, where users need not sign in to access it. There, I need to store some info temporarily in session[] until next few requests.

Since users have disabled cookies for my site, I chose the :active_record_store for :session_store. Even after doing this, I'm not able to store and retrieve values successfully from the session[]

Cart::Application.config.session_store :active_record_store, :key => '_cart_session', :domain => :all

what can I do to store values in session[] in those cases. please help.

Anand
  • 10,310
  • 24
  • 90
  • 135

2 Answers2

2

If cookies are disabled, you cannot use sessions, because the session ID is transmitted using cookies.

You may try to transmit the session ID in other ways - for example, in PHP there is a parameter appended to every form and link: PHPSESSIONID. You may use the same technique, and make your links look like this one:

<a href="/users/1?session_id=12345">

Rails will not allow you to use sessions without cookies, but I am sure that writing it yourself would not be too hard. Just be sure to consider the security implications of session ID disclosure!

If you are interested in the PHP way of handling sessions, you may want to see the PHP session documentation and two questions: "How do PHP sessions work when cookies are disabled?" and "do sessions work when cookies are disabled?".

Community
  • 1
  • 1
Arsen7
  • 12,522
  • 2
  • 43
  • 60
0

You can

  1. Create unique code for each user, and modify all links and forms to include it.

  2. Store user data in your database along with that unique code for personalization.

  3. When user request comes along with that unique code, apply personalization.

You can't assign unique code for each IP address, as many users use same IP address, or their IP address may change frequently.

Atul Gupta
  • 725
  • 1
  • 6
  • 20