I am designing a couple of websites for someone and they both have cookies enabled for remembering user preferences.
the two sites are related and I was just wondering is there any way of setting it up so one website will read the other websites cookies and change the user preferences for both websites.

I was asking the same question not too long ago.

I have attempted to figure out the Platform for Privacy Preferences (P3P), but I never quite got it. Maybe I was not really all that interested...

What have you tried, anyway?

__________________
J de Silva
Learning Journal | GIDForums™ | GIDNetwork™ | GIDWebhosts™ | GIDSearch™

Not yet, i figured i would ask someone was it possible/practical first.

would it be possible to set the cookie for an IP and then use the same IP to host a multitude of domains?

If you had read that thread I pointed to in my last reply, I recall mentioning a "long-winded" idea that I had in mind.

Well, that idea goes something like this...

We set up a database table with a column for the user's unique key, IP, user-agent data.

When a member logs in, the userid (key), her IP and user-agent is inserted into this table. Let's say she logged into example-1.com. Now, when she visits example-2.com, the scripts there just grabs her IP and her usergagent and sees if there's a matching record in the table. If there is, grab the userid, grab the relevant user details and set the cookie.

It's not the MOST secure method but as long as you do not allow them to update sensitive user information (simply based on this), it should be okay for the average site.

What do you think?

__________________
J de Silva
Learning Journal | GIDForums™ | GIDNetwork™ | GIDWebhosts™ | GIDSearch™

JDS!

I was just thinking of that same concept yesterday, as I was driving home from work. That would work beautifully! It is possible to do secure communications between servers, but it would be better and more efficient if the two (or more) websites that needed to communicate user data were on the same server. They could then easily share the same MySQL database table for user authentication.

Just recently, I ported some code over from JMRTechnet to another site I was setting up. For kicks, though I had a different template setup for the look of the site, I imported the same data from JMRTechnet into the MySQL database of the new site. Since all I needed was the username and password on the same local host, I could log into it from another site on the same server.

Within MySQL, you can set it up to only allow certain hosts to connect, which is what I typically do for my databases at my workplace. I guess a site on the same server would possibly still be considered a site running from the "localhost".

The combination of MySQL and sites on the same server, and routines for cookie based user authentication that check a common database/table would be a perfect solution for the application you have in mind.