From: Ian Sparks <ians@et...> - 2002-11-27 18:13:07
David, this seems a good idea but in a long user session won't you be =
left holding a very large list of issued but not used and used =
I guess once used a validation id can be taken out of the list since a =
validation criteria is that it be in the list (i.e. have been issued at =
How, if at all, does SSL play into this (Back=3DPage Expired?).
- Ian Sparks.
From: david e [mailto:bbs@...]
Sent: Wednesday, November 27, 2002 11:13 AM
Subject: Re: [Webware-discuss] POST Idiom Advice.
Always have a hidden field with your forms that has got a random=20
value for "one time" only actions. Generate a suitable number/string=20
and save this to the user session. Then before you perform any=20
actions make sure this value 1) exists, 2) isn't "used", 3) then mark=20
it as used.. Now you should be safe for all kinds of Reloads, Back=20
buttons etc.. Good luck.
>This isn't a webware question per-se but I'd like to ask how people=20
>The problem for me is the Browser Refresh button. If you click it=20
>now its not going to do what it says ("Refresh"), its going to=20
>re-post the delete action (which could be bad).
This SF.net email is sponsored by: Get the new Palm Tungsten T=20
handheld. Power & Color in a compact size!=20
Webware-discuss mailing list