 |
 |
 |
 |
|
|
|
Comments for: clark20030702
| Message # 1016872: |
|
Date: 07/03/03 10:26
By: terry chay Profile Subject: A simpler way to prevent this sort of thing.. This applies when you aren't as paranoid. This prevents a double-click of the submit as well as a back button and click again. Unlike the article, it doesn't expire the back button pages. This can be worked around if someone is being malicious. Simply create a UID (with uniqid()) and pass it as a hidden field in the form, store this session variable with the value 'false'. When the form is processed, changed the session variable to true. Before processing form, check to make sure the current value is false. Since you are using a UID instead of a "alive" ticket, this has generic applicability. Take care, terry |
Previous Message | Next Message |
| Comments: | ||
| RE: page expire | Sunit Singh | 12/06/04 04:59 |
| page expire | Thomas | 10/09/03 08:44 |
| Thanks all! | Joe Clark | 09/05/03 22:38 |
| very good session technique | suneel kanuri | 07/23/03 01:52 |
| Sweet | Psychomantum | 07/17/03 18:07 |
| Sessions | Daniel | 07/09/03 10:51 |
| Alternate suggestion | sbarnum | 07/08/03 11:22 |
| A simpler way to prevent this sort of thing.. | terry chay | 07/03/03 10:26 |
|
If you are looking for help, please post on the appropriate forum here. Your questions will be answered much more quickly. | ||
