Thanks for the answer Aurélien,
there is 2 situations where i send a mail with a continuation : on the
opening of a new user account, a mail is sent to the user with this link
so i can be sure of the validity of the email adress before saving the
new account.
the other situation is when a company want to open an account, the mail
is then sent to the manager and the form is redisplayed, allowing the
manager to validate/change the data in the form before saving the account.
In the first case, the lifetime of the continuation is set to 10 hours,
which should be enough for the user to check is mail and click on the
link. If it's not, a page explaining that he have to process his request
again is displayed.
In the second case, the lifetime is set to 100 hours, so that the
manager have a few days to check the validity of the information sent.
In any case, this approach is really convenient, and i don't really see
the danger in doing this.
Could you explain further why it's dangerous/bad practice ?
Best regards,
Marc
Aurélien DEHAY a écrit :
Hello.
Marc Salvetti wrote:
<snip/>
I don't the answer to your question, but: isn't it dangerous, as the
mail is asynchronous, to send a continuation in a mail? Are you sure
the user will click on the link in a decent delay? Each continuation
has a lifetime, and the user could click the link even if the
continuation has been deleted.
Rgds.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
