Hi, I have a report summary page in my application. Each row in the summary page corresponds to a particular report id. I have a hyperlink for each of the report. Clicking on which i display the report details. The catch is that there are some users to which a report belongs. Hence passing the report id via querystring is a dangerous business. The user can manipulate the report id and view a report of his choice. To avoid this, i have to check whether the obtined report id in the action class does actually belong to that logged in user. I came up with a simpler way -
I maintain some sort of �commonContainerForm� in our struts-config file. This form will contain only one field (�field�), which is the parameter that is to be passed to the server. This field will be populated when a user clicks on a hyperlink via javascript. But i want to avoid javascript in totality for my project. Does Struts provide any functionality regarding this ? Any help would be greatly appreciated. Many Thanks, Janarthan S --------------------------------- Do you Yahoo!? Yahoo! Mail SpamGuard - Read only the mail you want.
