--- Perrin Harkins <[EMAIL PROTECTED]> wrote: > Todd W wrote: > > I have a table with some basic user information > (first name, last name, > > address, > > phone number, etc...). > > That's permanent data, not session data. Session > data is transient.
I was reading through the archives and came across this. Everyone was so helpful the last time I had a Apache::Session question (thread "what goes in a session?") so I'm back with another question. The last project I worked on really had no transient data, so the only thing I put in the session was the user id (well, there was one transisent item...current page, so that got put in the session as well). The project I'm currently working on (mod_perl, TT, Apache::Session) is a registration system. Since this is closer to a shopping cart, I would consider the data transisent. My question is with regards to whether I need or should put the submitted data into the session as the user navigates the forms (to create an account). The user will be taken through three forms to create an account. So for instance, form one will ask the user to create a username, password, and provide an email address. Before moving on to form two (billing info), should I put this data in the session, or just go ahead and dump it in the database (after making any nec. checks), since I won't need the info until they actually login? Or should I collect all the info from all three screens by putting it in the session as the user traverses the forms and then put it all in the database at once? I'm currently using the first option. BTW, it is possible for a user to create a free account by hitting form one only, so no harm would come if something happened after form one. Another question, while not mod_perl related (sorry:), is how to taint check input data like usernames, address fields and email addresses. All info is just put in the database, no unsafe system calls are run. I'm curious as to what characters to limit for usernames in particular. Thanks... __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com