Beefy Boxes and Bandwidth Generously Provided by pair Networks
Keep It Simple, Stupid

Re: Recommendations for client-side state management

by TJPride (Pilgrim)
on Nov 23, 2011 at 11:32 UTC ( #939641=note: print w/replies, xml ) Need Help??

in reply to Recommendations for client-side state management

If the user is logged in, you can internally create a sequential ID, link it to the user, and pass it along in a hidden form field. They can't just change the ID and jump into someone else's form, because the ID is linked to the user and the user login is already being verified.

If the user is not logged in, you can generate some sort of guid (long, random alphanumeric, usually) that they'd never be able to guess, or use a sequential ID like above only with a security code included - the security code being a one-way hash of the ID + some internal key.

Either way, the simplest way is to just pass along the identifier as a hidden form field if you want them able to do multiple forms simultaneously. This sort of thing is why I only ever use cookies / sessions for user logins, never for form input. ID's + database storage is just so much simpler.

  • Comment on Re: Recommendations for client-side state management

Replies are listed 'Best First'.
Re^2: Recommendations for client-side state management
by Anonymous Monk on Nov 23, 2011 at 11:39 UTC

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://939641]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others having an uproarious good time at the Monastery: (7)
As of 2018-01-17 11:17 GMT
Find Nodes?
    Voting Booth?
    How did you see in the new year?

    Results (198 votes). Check out past polls.