* Terrence Brannon <[EMAIL PROTECTED]> [2005-09-03 19:15]:
> A user requests *operations* - login, add user, view user which
> are materialized by model actions and feedback on success
> failure via the view/page. 

I model my applications as a set of resources, à la REST.

A GET request for `/user/12` brings up that user’s data. A POST
to the same resource will change his record. To receive the form
for editing a user record, you `GET /user/12?view=edit`. POSTing
to `/user/new` creates a new user resource, say `/user/42`, and
responds with a 302 redirect to that resource. (Actually, POSTing
always results in a 302, in order to make the browser’s back
button work and prevent accidental re-posts; but creating new
user resources would be a special case anyway.) Resources,
obviously, are only created or updated assuming credentials with
sufficient permissions; otherwise, the result is a 401 when not
logged in or a 403 when logged in, but lacking permission.


This is the way HTTP was designed to work.

*AUTOLOAD=*_=sub{s/(.*)::(.*)/print$2,(",$\/"," ")[defined wantarray]/e;$1};

SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
cgi-prototype-users mailing list

Reply via email to