Following your advice I changed my index function (where the grid is
created) to
if 'edit' in request.args:
form = grid.update_form
session.modified_on = form.record.modified_on
And the onvalidation function to
if request.args and request.args[0] == 'new':
...
elif session.modified_on != db.client(request.vars.id).modified_on:
form.errors.code = T('The record was changed while you were
editing. '
'Press F5 to refresh.')
else: # Edit/delete from edit form, after checking the record was not
modified while editing.
...
What is the more secure way to transfer the modified_on?
Using
session.modified_on
or
form['hidden'].update(modified_on=form.record.modified_on)
and then
request.post_vars.modified_on
?
I ask this because there is an option to make session secure when using
HTTPS.
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
