Drew Taylor [mailto:[EMAIL PROTECTED]] wrote: > I just looked at CGI::EncryptForm and David's module. The thing I like > right off the bat about C:EF is that you pass a href to encrypt() and get > back a href from decypt(). Perhaps I missed something, but FormContainer > takes a string, not a data structure. I prefer the simplicity of just > worrying about a structure, and not having to worry about converting it to > a string.
My module, FormContainer, takes arbitrary data structures like hash references too. You probably didn't see this because I used my own serializer module called FreezeThawLite instead of Storable. The lack of documentation of my module may have also been a problem. :-) I mentioned that a trivial rewrite to use Storable would be required when I attached the code. Simply replace FreezeThawLight::freeze with Storable::freeze and FreezeThawLight::thaw with Storable::thaw. :-) I agree with you that having to manually serialize session data to a string would be a real pain! > That said, I like the approach that the two modules use. One just goes an > extra step to guarantee data security. While looking for full-time > employment, I've been doing some freelance work, which basically is small > CGI apps. C:EF looks like it would make my life much easier by ensuring > consistent state w/ small effort on my part, and take care of any security > precautions as well. Combine that w/ CGI::Application (after I add TT2 > support :-) ), and my life as a freelance CGI guy just got a whole lot easier. See my last message about the security comparisons. > Thank you to everyone who contributed to this thread. I've gotten all kinds > of neat ideas I'll use in future projects! Good stuff. David
