Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I’m currently optimizing my web site. I’m using a simple credit system that gives you access to certain pages only if you have paid for them. Right now I’m always checking in the DB if the subscription is expired. I do this for multiple pages.
Would it be a good idea to check it only once when the user logs himself in and then carry the result in a session variable?
That would be a bad idea since it’s easily exploitable. A user can remain logged in for a long time, perhaps infinitely, if he wanted to. You should keep it the way it is.