Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW

Re: Recommendations for client-side state management

by TJPride (Pilgrim)
on Nov 23, 2011 at 11:32 UTC ( #939641=note: print w/replies, xml ) Need Help??

in reply to Recommendations for client-side state management

If the user is logged in, you can internally create a sequential ID, link it to the user, and pass it along in a hidden form field. They can't just change the ID and jump into someone else's form, because the ID is linked to the user and the user login is already being verified.

If the user is not logged in, you can generate some sort of guid (long, random alphanumeric, usually) that they'd never be able to guess, or use a sequential ID like above only with a security code included - the security code being a one-way hash of the ID + some internal key.

Either way, the simplest way is to just pass along the identifier as a hidden form field if you want them able to do multiple forms simultaneously. This sort of thing is why I only ever use cookies / sessions for user logins, never for form input. ID's + database storage is just so much simpler.

  • Comment on Re: Recommendations for client-side state management

Replies are listed 'Best First'.
Re^2: Recommendations for client-side state management
by Anonymous Monk on Nov 23, 2011 at 11:39 UTC

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://939641]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others about the Monastery: (5)
As of 2018-03-22 04:48 GMT
Find Nodes?
    Voting Booth?
    When I think of a mole I think of:

    Results (272 votes). Check out past polls.