From: Geoffrey T. <gta...@na...> - 2002-04-16 13:02:38
|
Tim Payne wrote: > On Monday, April 15, 2002, at 06:27 PM, Karl Putland wrote: > > > Should probably put the fields as > > > > ... > > <input type="hidden" name="<%=fieldname%>" value="<%=fieldvalue%>" > > /> > > > > on your login form. I don't think that posting a form with a > > querystring as its action is exactly legal. Different browsers may > > interpret it diferently. > > As Geoffrey said, using the querystring with a form is > probably legal, > but hidden inputs are probably the ideal solution, since you wouldn't > lose them if for some reason (like an incorrect password) the > login form > page was reloaded. ??? I don't get it. Why would you lose the parameters in the query string if the login page was reloaded? I used to use hidden fields in my login page, but I switched to just keeping them in the query string once Webware was changed to support that. It hasn't caused me any problems and the code is simpler... I _am_ thinking of trying what Ian (I think) suggested and issuing a redirect to the destination page after the user logs in. That way the page that comes up after logging in is the result of a GET instead of a POST, which I believe will work nicer if the user reloads the page. - Geoff |