Re: Options on session control in a web application

From: Ed Prochak <>
Date: Sun, 3 Aug 2008 13:12:16 -0700 (PDT)
Message-ID: <>

Malcolm Dew-Jones wrote:
> Ed Prochak ( wrote:
> : Connected to:
> : Oracle9i Enterprise Edition Release - 64bit Production
> : With the Partitioning and Oracle Data Mining options
> : JServer Release - Production
> : Showing my lack of User interface application skills here.
> : We have web applications built with PL/SQL. The goal is to develop a
> : simple timing application. When the user enters the fist screen, make
> : a log entry which include the time. When they exit that screen, note
> : how they exited (e.g. OK or CANCEL button pressed) and update the log
> : with a stop time. Given the stateless nature of HTML, what's the best
> : practice to deal with this situation?
> : Use a cookie?
> : Use hidden HTML form fields?
> : Other?
> As long as the hidden field does not have security issues, then I think a
> hidden field is the easiest for simple tasks.

Sounds good. Just wondered if a cookie might be better.

> Your application will see the hidden field just as if it were a normal
> field. In fact during test/development you could use the field as a
> normal input field so as to test various inputs.

We have hidden fields for some other information on this and other pages, so I'm comfortable with that.

 Ed Received on Sun Aug 03 2008 - 15:12:16 CDT

Original text of this message