IMHO, using HTML hidden variables is a bad habit to get into for several reasons.
First, it increases the amount of HTML transferred between the client and the server.
Second, it could tempt people to save the HTML, modify the input variables, then
resubmit the form to try and 'hack' the CGI/Java application. For the really paranoid,
which I have done at times, you cache information about all your HTML input variables
on the server, then compare them to what was submitted by the HTML form.
In a few cases we even send email to a system administrator notifying them of the
attempt to break security if the static form input values differ from the cached
versions.
Just my 2 cents.
Glenn
Divya M A wrote:
>
> Jyoti,
> To my knowledge, the options to pass values of first page through a
> second page on to the third are:
> Save the values delimited by commas into a hidden variable in the second
> page from which these can be retrieved in the third page(using String
> Tokenizer).Or use Session vaiables, which is not generally done.
> Someone please do correct me if I'm wrong.
> Regards,
> Divya.
>
> ----- Original Message -----
> From: Jyoti Bongarala <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Thursday, April 06, 2000 5:06 PM
> Subject: how to pass parameters retrieved in a jsp page to the next jsp page
>
> > Hi! Listees,
> >
> > Can somebody help me with this question:
> >
> > how to pass parameters retrieved in a jsp page to the
> > next jsp page
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Talk to your friends online with Yahoo! Messenger.
> > http://im.yahoo.com
> >
> >
> ===========================================================================
> > To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
> JSP-INTEREST".
> > Some relevant FAQs on JSP/Servlets can be found at:
> >
> > http://java.sun.com/products/jsp/faq.html
> > http://www.esperanto.org.nz/jsp/jspfaq.html
> > http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
> > http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
>
> ===========================================================================
> To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
> Some relevant FAQs on JSP/Servlets can be found at:
>
> http://java.sun.com/products/jsp/faq.html
> http://www.esperanto.org.nz/jsp/jspfaq.html
> http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
> http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
--
----------------------------------------------------------------------
Glenn Nielsen [EMAIL PROTECTED] | /* Spelin donut madder |
MOREnet System Programming | * if iz ina coment. |
Missouri Research and Education Network | */ |
----------------------------------------------------------------------
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
