Closed Thread Icon

Topic awaiting preservation: The point of Session & Request.Form (ASP) (Page 1 of 1) Pages that link to <a href="https://ozoneasylum.com/backlink?for=25071" title="Pages that link to Topic awaiting preservation: The point of Session &amp;amp; Request.Form (ASP) (Page 1 of 1)" rel="nofollow" >Topic awaiting preservation: The point of Session &amp; Request.Form (ASP) <span class="small">(Page 1 of 1)</span>\
 
Tekapo
Nervous Wreck (II) Inmate

From:
Insane since: Aug 2004

 posted posted 02-21-2005 10:19

Hi, people. How are you?
I just made small thing using ASP and MS Access.
It is something like editing customer list on the browser.
When I update db, I use Request.form to pass the variables.
But my friend is using session variable to do the same thing.
He said that session is better cuz of the security reason.
is that the point to use Session variable rather than posting form value using .form method? Thanks.
amikael
Bipolar (III) Inmate

From: övik
Insane since: Dec 2002

 posted posted 02-21-2005 13:07

Never trust user input - ever.
- Session-variables should be better in this case, but it kinda depends on how the actual coding of the app looks..

(^-^)b
Tekapo
Nervous Wreck (II) Inmate

From:
Insane since: Aug 2004

 posted posted 02-22-2005 01:03

Thanks for yoru reply, mate. I am wondering....

quote:
Never trust user input - ever.


What do you mean???
When I pass the value of the form, which the end user input, what kinds thing do I have to consider to make data trustwothy then????
Humm...

« BackwardsOnwards »

Show Forum Drop Down Menu
Maximum Security
OZONE
DHTML/Javascript
Server-Side Scripting - Oh my!
CSS - DOM - XHTML - XML - XSL - XSLT
Stupid Basic HTML
Visual Therapy
Photoshop
Photoshop Pong, Anyone?
***WARNING*** BIG SIG APPROACHING
Photography
3D Modelling & Rendering
Multimedia/Animation
Print Graphics
Holding Pens
Philosophy and other Silliness
Outpatient Counseling
Site reviews!
Mad Scientists' Laboratory
Getting to know the Grail