Beefy Boxes and Bandwidth Generously Provided by pair Networks
Pathologically Eclectic Rubbish Lister
 
PerlMonks  

Re: Recommendations for client-side state management

by TJPride (Pilgrim)
on Nov 23, 2011 at 11:32 UTC ( #939641=note: print w/ replies, xml ) Need Help??


in reply to Recommendations for client-side state management

If the user is logged in, you can internally create a sequential ID, link it to the user, and pass it along in a hidden form field. They can't just change the ID and jump into someone else's form, because the ID is linked to the user and the user login is already being verified.

If the user is not logged in, you can generate some sort of guid (long, random alphanumeric, usually) that they'd never be able to guess, or use a sequential ID like above only with a security code included - the security code being a one-way hash of the ID + some internal key.

Either way, the simplest way is to just pass along the identifier as a hidden form field if you want them able to do multiple forms simultaneously. This sort of thing is why I only ever use cookies / sessions for user logins, never for form input. ID's + database storage is just so much simpler.


Comment on Re: Recommendations for client-side state management
Re^2: Recommendations for client-side state management
by Anonymous Monk on Nov 23, 2011 at 11:39 UTC

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://939641]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others meditating upon the Monastery: (10)
As of 2014-07-29 19:45 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My favorite superfluous repetitious redundant duplicative phrase is:









    Results (226 votes), past polls