PerlMonks  

Re: Secure State Maintenance

by perrin (Chancellor)
on Feb 28, 2002 at 15:30 UTC ( [id://148240]=note )


in reply to Secure State Maintenance

And what if the user hits back and then submits an older one? Will you be keeping the old ones in the db for a certain amount of time? Doesn't sound so secure to me.

The right way to ensure that client-side data has not been messed with is to use a message digest. This is described quite nicely in the free chapter from O'Reilly's CGI book.
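One way to apply the message digest approach described above, as an added example that is not part of the original post or of the O'Reilly chapter. It uses HMAC-SHA256 from the core Digest::SHA module as the keyed digest; the secret, the `payload|issued|digest` layout, the 15-minute lifetime and the function names are all assumptions. The embedded timestamp bounds how long an older but still valid value (the back-button case) is accepted.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Digest::SHA qw(hmac_sha256_hex);

# Assumptions: the secret lives only on the server; both values are constructed.
my $SECRET  = 'replace-with-long-random-server-secret';
my $MAX_AGE = 15 * 60;    # seconds a sealed value stays acceptable

# Build the hidden-field or cookie value: payload|issued|digest
sub seal_state {
    my ($payload, $now) = @_;
    $now = time unless defined $now;
    die "payload must not contain '|'\n" if $payload =~ /\|/;
    my $body = "$payload|$now";
    return $body . '|' . hmac_sha256_hex($body, $SECRET);
}

# Compare two strings without stopping at the first differing byte.
sub ct_eq {
    my ($x, $y) = @_;
    return 0 if length($x) != length($y);
    my $diff = 0;
    $diff |= ord(substr($x, $_, 1)) ^ ord(substr($y, $_, 1)) for 0 .. length($x) - 1;
    return $diff == 0;
}

# Return the payload if the digest matches and the value is fresh, else undef.
sub open_state {
    my ($value, $now) = @_;
    $now = time unless defined $now;
    return unless defined $value;
    my ($payload, $issued, $mac) =
        $value =~ /\A([^|]*)\|(\d{1,12})\|([0-9a-f]{64})\z/ or return;
    return unless ct_eq($mac, hmac_sha256_hex("$payload|$issued", $SECRET));
    return if $issued > $now || $now - $issued > $MAX_AGE;
    return $payload;
}

# Constructed sample input: one sealed value, one edited copy, one late replay.
my $t0     = 1_700_000_000;
my $sealed = seal_state('user=alice;step=2', $t0);
(my $forged = $sealed) =~ s/step=2/step=9/;

print 'intact:   ', open_state($sealed, $t0 + 60)   // 'rejected', "\n";
print 'tampered: ', open_state($forged, $t0 + 60)   // 'rejected', "\n";
print 'stale:    ', open_state($sealed, $t0 + 3600) // 'rejected', "\n";
```

The digest only proves the value was issued by the server and not altered; state that must be single-use still needs a server-side record of what has been consumed.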

Replies are listed 'Best First'.
Re: Re: Secure State Maintenance
by George_Sherston (Vicar) on Feb 28, 2002 at 17:55 UTC
    Good point. I had intended to delete each one as I create a new one. But then if somebody hits the back button... he gets treated as logged out. So it IS secure... in much the same way as locking the doors of your shop stops people stealing from it. Huh. Glad I asked. Thx

    § George Sherston
