PerlMonks  

Re: Re: (fongsaiyuk) info from one page to another.

by salvadors (Pilgrim)
on Jan 01, 2001 at 21:08 UTC


in reply to Re: (fongsaiyuk) info from one page to another.
in thread info from one page to another.

<tip> When using server-based session management, instead of storing lots of user data in the session consider storing only the row id from the user's login profile in the session. That way with one quick query to the database on a page reload you have all the user profile information.</tip>

This tip is particularly important to bear in mind if you're at all security conscious. It isn't particularly hard to manipulate session data, whether it's munged in the URL, or in a cookie, or wherever. If the only piece of information there is an ID that points to the real data, it's a lot harder to set that data.

This of course means that you shouldn't use autoincremented values for this ID, unless you don't mind someone deciding that they'd rather be user 123143 instead of 124124.

I've come across quite a few major ecommerce websites (including large public companies) who had URLs along the lines of http://www.wherever.com/cgi-bin/view_return?id=1233 to let you see the details of your return, and who would quite happily let you see the details of return 1232, 1231 etc as well...

Tony
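
An added example, not part of the original post, showing the two points made above: the client holds only an unguessable token that the server maps to the user's row id, and a return is shown only when it belongs to the user behind that token. The sub names, the in-memory hashes standing in for database tables, and the use of /dev/urandom (a Unix-like host) are assumptions.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Constructed stand-ins for database tables.
my %users   = (123143 => { name => 'alice' }, 124124 => { name => 'bob' });
my %returns = (1232 => { user_id => 123143, item => 'kettle' },
               1233 => { user_id => 124124, item => 'toaster' });
my %sessions;    # server-side only: token => user row id

# 128 bits from the OS CSPRNG, hex encoded. Unlike an autoincremented
# value, one token tells you nothing about its neighbours.
sub new_token {
    open my $fh, '<:raw', '/dev/urandom' or die "urandom: $!";
    my $got = read $fh, my $buf, 16;
    close $fh;
    die "short read from urandom" unless defined $got && $got == 16;
    return unpack 'H*', $buf;
}

# The client only ever receives the token; the row id stays on the server.
sub login {
    my ($user_id) = @_;
    my $token = new_token();
    $sessions{$token} = $user_id;
    return $token;
}

# Resolve token -> user, then check that the requested return belongs to
# that user. Bad token, unknown return and foreign return all give undef.
sub view_return {
    my ($token, $return_id) = @_;
    return undef unless defined $token && $token =~ /\A[0-9a-f]{32}\z/;
    my $user_id = $sessions{$token};
    return undef unless defined $user_id;
    my $ret = $returns{ $return_id // '' };
    return undef unless $ret && $ret->{user_id} == $user_id;
    return +{ %$ret, owner => $users{$user_id}{name} };
}

# Bob asks for his own return, then for the one numbered just below it.
my $bob = login(124124);
for my $id (1233, 1232) {
    my $r = view_return($bob, $id);
    printf "return %d: %s\n", $id, $r ? "$r->{item} ($r->{owner})" : 'denied';
}
```

The return ids themselves can stay sequential here, because the ownership check, not the obscurity of the id, decides who may see a record.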
