R: [Phplib-users] Is there a way to save sessions between page open and close?
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
R: [Phplib-users] Is there a way to save sessions between page open and close?
|
From: Gaetano G. <giu...@se...> - 2004-07-05 14:47:10
|
I dunno about security implications, but avoidance of = double-form-submittal is usually done via javascript, e.g. before = posting data to the server set a cookie or some other variable on the = client... > -----Messaggio originale----- > Da: php...@li... > [mailto:php...@li...]Per conto di Herouth > Maoz > Inviato: luned=EC 5 luglio 2004 16:33 > A: php...@li... > Oggetto: [Phplib-users] Is there a way to save sessions between page > open and close? >=20 >=20 > I have a captcha system, wherein a php-generated image=20 > generates a number and > displays it, and the user has to respond with the same number. >=20 > If he does, a sensitive operation is performed, which we want=20 > to avoid being > performed several times in a row. >=20 > We find that if the user clicks the submit button on the form=20 > several times in > a row, it creates several connections, all of which check the=20 > number and do > the operation. Since the page does not reload between these=20 > submissions, the > number does not get replaced. >=20 > I thought I'd unregister the number directly after I verify=20 > that it's the > right one, so that the next connection made will not reach=20 > the sensitive > part, because its comparison will fail. >=20 > However, since the data is only saved in the session at the=20 > end, when I do the > page_close(), this is not working. I'd like to be able to=20 > control when the > session is saved, so that only the first connection will be=20 > able to access > that number. >=20 > Any ideas? >=20 > Herouth >=20 >=20 > ------------------------------------------------------- > This SF.Net email sponsored by Black Hat Briefings & Training. > Attend Black Hat Briefings & Training, Las Vegas July 24-29 -=20 > digital self defense, top technical experts, no vendor pitches,=20 > unmatched networking opportunities. Visit www.blackhat.com > _______________________________________________ > Phplib-users mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phplib-users |
