Re^3: Encrypt web form values

in reply to Re^2: Encrypt web form values
in thread Encrypt web form values

Hi,

Yes, you should definitely look into CGI::Session. No the user cannot modify it, if you're not allowing it from the server side code. You can store almost whatever you want, and yes it can be reliably used. For storage you have also several options, file, db, cache, etc.

Regards,

fmerges at irc.freenode.net

Comment on Re^3: Encrypt web form values

Replies are listed 'Best First'.
Re^4: Encrypt web form values by Anonymous Monk on Dec 06, 2008 at 12:44 UTC
Thanks, fmerges. So the recipient of the web page has no way of tampering with the session data, am I right? Could you clarify "if you're not allowing it from the server side code."? What does that mean?	[reply]
Re^5: Encrypt web form values by fmerges (Chaplain) on Dec 06, 2008 at 15:12 UTC
Hi, No the client cannot directly tamper. Check out the tutorial, CGI::Session::Tutorial it explains you all the details. BTW take also a look at this module Data::FormValidator and taint mode. Regards, fmerges at irc.freenode.net	[reply]
Re^6: Encrypt web form values by Anonymous Monk on Dec 07, 2008 at 02:59 UTC
The tutorial was helpful. I've yet to check out Data::ForValidator. It's reassuring to know the client cannot tamper with the data. I'll go in that direction. Thank you :)	[reply]

In Section Seekers of Perl Wisdom