Hi Mark On Tue, 2009-04-14 at 22:59 -0700, Mark Fuller wrote: > On Tue, Apr 14, 2009 at 8:16 AM, Mark Stosberg <[email protected]> wrote: > > > > However, only validation can check if in fact I have all parameters I > > need in the right format. That protects against the case where my > > application generates a link with a valid checksum, but somehow has the > > wrong data in it. If I skipped validation in the receiving run mode, I > > open myself up for a garbage-in/garbage-out problem, or perhaps worse. > > Wouldn't this be best solved by storing the links (or the checksum for > a link) in a session? When they perform their next activity, the > runmode checks to see if it (and the parameters on the URL) was one of > the expected run modes when the previous page was displayed?
That sounds like a great idea. I'm not sure about the size of sessios, though. Perhaps that's the sort of thing to be put in a db table, or a BerkeleyDB table. -- Ron Savage [email protected] http://savage.net.au/index.html ##### CGI::Application community mailing list ################ ## ## ## To unsubscribe, or change your message delivery options, ## ## visit: http://www.erlbaum.net/mailman/listinfo/cgiapp ## ## ## ## Web archive: http://www.erlbaum.net/pipermail/cgiapp/ ## ## Wiki: http://cgiapp.erlbaum.net/ ## ## ## ################################################################
