Re: passing values

How about an id that is actually unique?

perl -MData::UUID -le 'print Data::UUID->new->create_str'

With CGI.pm-

use strict;
use warnings;
use CGI qw(:standard);
use Data::UUID;

print
    header(),
    start_html(),
    h1("MAI FORMZ"),
    start_form(),
    textfield(-name => "testing"),
    hidden(-name => "s3cr37", -value => Data::UUID->new->create_str),
    end_form(),
    end_html();
[download]

Gives-

<!DOCTYPE html
        PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
         "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-U
+S">
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1
+" />
</head>
<body>
<h1>MAI FORMZ</h1><form method="post" action="http://localhost" enctyp
+e="multipart/form-data">
<input type="text" name="testing"  /><input type="hidden" name="s3cr37
+" value="7D632A06-1A7B-11DF-B0FC-8F43FFA00377"  /></form>
</body>
</html>
[download]

Hidden fields are hackable. So don't count on it being a secret or something the user can't twiddle.

Comment on Re: passing values Select or Download Code

Replies are listed 'Best First'.
Re^2: passing values by hekkuviik (Initiate) on Feb 15, 2010 at 22:36 UTC
Thanks, It does not have to secret id, just unique, and there should be a simpler way to do this. `<p> <label>Email <input name="Email" type="text" id="Email" size="50" /> </label>` [download] pass the value from Email to Booking Reference `</label><br /> Booking Reference <label><input name="Booking Reference" type="hidden" id="Booking + Reference" /> </label><br />` [download] and add timestamp	[reply] [d/l] [select]
Re^3: passing values by Your Mother (Archbishop) on Feb 15, 2010 at 23:23 UTC
It sounds like you're trying to do things on the client side (in the form) that should be done on the server side (the Perl generating the form and receiving its data). You should not let the user send a timestamp, s/he can edit it. And you should probably only use that kind of unique value from the form to make sure the form was from the page/tab/submission that was expected and not a duplicate. Perhaps if you told us the problem you're trying to solve instead of the technique, we might have better ideas for you.	[reply]
Re^4: passing values by hekkuviik (Initiate) on Feb 16, 2010 at 00:30 UTC
Let me sleep on it and get then back with you. Hekku	[reply]