Hello,
I am working on a web site that is available only over HTTPS and am
using session tracking.
So far I am only saving the person's display name (different then
login), site role and e-mail address in the $_SESSION data.
The rest of the site is dynamic, now the question is on three
Hi,
Monday, July 5, 2004, 1:27:12 PM, you wrote:
MG Hello,
MG I am working on a web site that is available only over HTTPS and am
MG using session tracking.
MG So far I am only saving the person's display name (different then
MG login), site role and e-mail address in the $_SESSION data.
Michael Gale wrote:
Now at the moment on
each page is a hidden variable containing a db primary key for which the
data is getting updated.
I know that hidden values are not a good idea since the user can change
them ... so I was going to store the hidden value in a $_SESSION
variable but then the
Tom Rogers wrote:
store it in the session like:
$_SESSION[session_id()]['dbkey'] = $dbkey;
then get it back with
$dbkey = (isset($_SESSION[session_id()]['dbkey']))? $_SESSION[session_id()]['dbkey'] : 0;
That doesn't negate the problem of people having more than one window
open and editing records
Hello,
Thanks for the replies ... I valid all the data and input from the
user. So if the user changes the value nothing bad will happen:
I have in the code:
if ($var != $hiddenvar) {
e-mail blank saying Blank has been updated
}
That is it ... I made a mistake in my last e-mail ..
5 matches
Mail list logo
