<tip> When using server-based session management, instead of storing lots of user data in the session consider storing only the row id from the user's login profile in the session. That way with one quick query to the database on a page reload you have all the user profile information.</tip>

This tip is particularly important to bear in mind if you're at all security conscious. It isn't particularly hard to manipulate session data, whether it's munged in the URL, or in a cookie, or wherever. If the only piece of information there is an ID that points to the real data, it's a lot harder to set that data.

This of course means that you shouldn't use autoincremented values for this ID, unless you don't mind someone deciding that they'd rather be user 123143 instead of 124124.

I've come across quite a few major ecommerce websites (including large public companies) who had URLs along the lines of http://www.wherever.com/cgi-bin/view_return?id=1233 to let you see the details of your return, and who would quite happily let you see the details of return 1232, 1231 etc as well...

Tony


In reply to Re: Re: (fongsaiyuk) info from one page to another. by salvadors
in thread info from one page to another. by Granite
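
The two points in the post above, sketched as an added example that is not part of the original thread: the cookie carries only an unguessable token that the server maps to the user's row id, and a record lookup checks ownership instead of trusting the id in the URL. The table contents and the function names (`login`, `profile`, `view_return`) are constructed for illustration, and an in-memory dict stands in for the database.

```python
import secrets

# Constructed sample data standing in for the database tables.
USERS = {123143: {"name": "alice"}, 124124: {"name": "bob"}}
RETURNS = {1232: {"owner": 123143, "item": "kettle"},
           1233: {"owner": 124124, "item": "toaster"}}

SESSIONS = {}  # server-side store: opaque token -> user row id


def login(user_id):
    """Issue an unguessable token; only this value goes to the client."""
    token = secrets.token_urlsafe(32)  # 32 random bytes from the OS CSPRNG
    SESSIONS[token] = user_id
    return token


def profile(token):
    """One lookup per request: token -> row id -> full profile, or None."""
    user_id = SESSIONS.get(token)
    return None if user_id is None else USERS.get(user_id)


def view_return(token, return_id):
    """Return the record only if it belongs to the session's user."""
    user_id = SESSIONS.get(token)
    if user_id is None:
        return None  # unknown or forged token
    record = RETURNS.get(return_id)
    if record is None or record["owner"] != user_id:
        return None  # same answer for "missing" and "not yours"
    return record


if __name__ == "__main__":
    bob = login(124124)
    print(profile(bob))                  # bob's profile
    print(view_return(bob, 1233))        # bob's own return
    print(view_return(bob, 1232))        # another user's return: None
    print(view_return("124124", 1233))   # raw row id sent as a token: None
```
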
