> Thanks for reeling us back in. You pose a great paradigm. I'm > liking it. > This approach seems to mirror my pre C::A days where I called > a different > Perl scripts for each function: > > <form action="cgi-bin/users.pl"...> > or > <form action="cgi-bin/widgets.pl"...> > > So, your newly suggest approach might look like: > > <form action="cgi-bin/users.cgi"...> or <form > action="cgi-bin/widgets.cgi"...>
Yes, pretty much. This is as opposed to: <form action="/super_ultimate_app.cgi"> To the question of how to implement security and sessions: I'm on record as preferring that security and sessions be orthogonal (e.g., "mutually independent; well separated; sometimes, irrelevant to") to your web applications. This means that you implement security/sessions within Apache (via mod_perl handlers) and NOT in your CGI-Application modules. This will protect non-CGI files (html, images, etc.), and will work regardless of the language of any individual application, and regardless of whether the application was written with the security scheme in mind. Obviously, this only works in hosting situations where you have access to put modules into Apache. Since I always do have access, this is my preferred way of architecting applications. YMMV. TTYL, -Jesse- -- Jesse Erlbaum The Erlbaum Group [EMAIL PROTECTED] Phone: 212-684-6161 Fax: 212-684-6226 --------------------------------------------------------------------- Web Archive: http://www.mail-archive.com/[email protected]/ http://marc.theaimsgroup.com/?l=cgiapp&r=1&w=2 To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
